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About This Guide 


This guide provides the information you need to configure and manage the Novell® TCP/IP 
networking software. In addition to planning information, this guide provides troubleshooting tips, 
techniques, and tools, as well as the symptoms of and solutions to commonly occurring problems 
with the TCP/IP components. 


This guide is divided into the following sections: 


+ Chapter 1, “Understanding TCP/IP,” on page 13 

+ Chapter 2, “Advanced TCP/IP,” on page 33 

+ Chapter 3, “Setting Up Novell TCP/IP,” on page 45 

+ Chapter 4, “SET Parameters,” on page 61 

+ Chapter 5, “Configuring Protocols,” on page 73 

+ Chapter 6, “Managing TCP/IP,” on page 123 

+ Chapter 7, “Troubleshooting,” on page 131 

+ Appendix A, “Planning Your Advanced Configuration,” on page 139 
+ Appendix B, “Configuring TCP/IP Database Files,” on page 141 


Audience 


This guide is intended for network administrators. 


Feedback 


We want to hear your comments and suggestions about this manual and the other documentation 
included with this product. Please use the User Comment feature at the bottom of each page of the 
online documentation, or go to Novell online documentation (http://www.novell.com/ 
documentation/feedback.html). 


Documentation Updates 


For the most recent version of the Novell TCP/IP Administration Guide for NetWare 6.5, see the 
Novell online documentation (http://www.novell.com/documentation/lg/nw65/index.html) 


Documentation Conventions 


In Novell documentation, a greater-than symbol (>) is used to separate actions within a step and 
items in a cross-reference path. 


In this documentation, a trademark symbol (p TM, etc.) denotes a Novell trademark. An asterisk (*) 
denotes a third-party trademark. 


When a single pathname can be written with a backslash for some platforms or a forward slash for 
other platforms, the pathname is presented with a backslash. Users of platforms that require a 
forward slash, such as UNIX* or Linux*, should use forward slashes as required by your software. 
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Understanding TCP/IP 


This section introduces TCP/IP and provides an overview of the TCP/IP suite of protocols. 
The following are discussed here: 


+ Section 1.1, “The TCP/IP Suite of Protocols,” on page 13 

+ Section 1.2, “Overview of TCP/IP Protocol Usage,” on page 14 
¢ Section 1.3, “Transport Layer Protocols,” on page 16 

+ Section 1.4, “Internet Protocol,” on page 18 

+ Section 1.5, “Assigning IP Network Addresses,” on page 20 

+ Section 1.6, “Physical and IP Addresses,” on page 23 

+ Section 1.7, “Creating Subnets,” on page 25 

+ Section 1.8, “Routing,” on page 30 

¢ Section 1.9, “Error and Control Messages,” on page 31 


¢ Section 1.10, “Router Discovery Protocol,” on page 31 


1.1 The TCP/IP Suite of Protocols 


The protocols in the TCP/IP suite roughly correspond to a network communications model defined 
by the International Organization for Standardization (ISO). This model is called the Open Systems 
Interconnection (OSI) reference model. The OSI model describes an ideal computer network system 
in which communication on the network occurs between processes at discrete and identifiable 
layers. Each layer on a given host provides services to the layers above it and receives services from 
the layers below it. Figure 1-1 illustrates the seven layers of the OSI reference model, as defined by 
ISO, and the roughly corresponding layers of the TCP/IP protocol suite. 


Figure 1-1 OSI Reference Model 










































































OSI Reference Model TCP/IP Protocol Suite 
Layer Function Protocol 
1 Application 
2 Presentation TELNET FTP SMTP DNS SNMP 
3 Session 
4 Transport TCP | UDP 
ICMP RIP OSPF EGP 
5 N k IP 
_ ARP | RARP 
5 Data Link Ethernet Token Other 
7 Physical Ring Media 














Understanding TCP/IP 


13 


The layering system allows the developers to concentrate their efforts on the functions in a given 
layer. It is not necessary for designers to create all the mechanisms to send information across the 
network. They need to know only what services the software needs to provide to the layer above it, 
what services the layers below it can provide to the software, and which protocols in the suite 
provide those services. 


The table below lists some of the more common protocols in the TCP/IP suite and the services they 
provide. 


Table 1-1 Protocols and services in the TCP/IP Suite 


Protocol Service 


Internet Protocol (IP) Provides packet delivery services (routing) 
between nodes. 


Internet Control Message Protocol (ICMP) Provides transmission of error and control 
messages between hosts and routers. 


Address Resolution Protocol (ARP) Maps IP addresses to physical addresses. 


Transmission Control Protocol (TCP) Provides reliable data-stream delivery service 
between end nodes. 


User Datagram Protocol (UDP) Provides unreliable datagram delivery service 
between end nodes. 


File Transfer Protocol (FTP) Provides application-level services for file 
transfer. 

Telnet Provides terminal emulation. 

Routing Information Protocol (RIP) Enables the exchange of distance vector routing 


information between routers. 


Open Shortest Path First (OSPF) Enables the exchange of link state routing 
information between routers. 


Exterior Gateway Protocol (EGP) Enables the exchange of routing information 
between exterior routers. 


1.2 Overview of TCP/IP Protocol Usage 


Applications developed for TCP/IP generally use several of the protocols in the suite. The layers of 
the protocol suite is also known as the protocol stack. User applications communicate with the top 
layer of the protocol suite. The top-level protocol layer on the source computer passes information to 
the lower layers of the stack, which in turn pass it to the physical network. The physical network 
transfers the information to the destination computer. The lower layers of the protocol stack on the 
destination computer pass the information to higher layers, which in turn pass it to the destination 
application. 


Each protocol layer within the TCP/IP suite has various functions; these functions are independent 
of the other layers. Each layer, however, expects to receive specific services from the layer beneath 
it, and each layer provides specific services to the layer above it. 
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Figure 1-2 shows the TCP/IP protocol layers. The layers at the same level on the source and 
destination computers are peers. For example, the application on the source computer and the 
application on the destination computer are peers. Each layer of the protocol stack on the source 
computer communicates with its peer layer on the destination computer. From the perspective of the 
software developer or user, the transfer takes place as if the peer layers sent their packets directly to 
one another. 


Figure 1-2 TCP/IP Model 
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For example, An application for transferring files with TCP performs the following operations to 
send the file contents: 





1. The Application layer passes a stream of bytes to the Transport layer on the source computer. 


2. The Transport layer divides the stream into TCP segments, adds a header with a sequence 
number for that segment, and passes the segment to the Internet (IP) layer. A checksum is 
computed over the TCP header and data. 


3. The IP layer creates a packet with a data portion containing the TCP segment. The IP layer 
adds a packet header containing source and destination IP addresses. 

4. The IP layer also determines the physical address of the destination computer or intermediate 
computer on the way to the destination host. It passes the packet and the physical address to the 
Data-Link layer. A checksum is computed on the IP header. 

5. The Data-Link layer transmits the IP packet in the data portion of a data-link frame to the 
destination computer or an intermediate computer. If the packet is sent to an intermediate 
computer, steps 4 through 7 are repeated until the destination computer is reached. 


6. Atthe destination computer, the Data-Link layer discards the data-link header and passes the IP 
packet to the IP layer. 
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7. The IP layer checks the IP packet header. If the checksum contained in the header does not 
match the checksum computed by the IP layer, 1t discards the packet. 


8. Ifthe checksums match, the IP layer passes the TCP segment to the TCP layer. 


9. The TCP layer computes a checksum for the TCP header and data. If the computed checksum 
does not match the checksum transmitted in the header, the TCP layer discards the segment. If 
the checksum is correct and the segment is in the correct sequence, the TCP layer sends an 
acknowledgment to the source computer and passes the data to the application. 


10. The application on the destination computer receives a stream of bytes, just as if it were 
directly connected to the application on the source computer. 


1.3 Transport Layer Protocols 


The Transport layer of the TCP/IP protocol suite consists of two protocols, UDP and TCP. UDP 
provides an unreliable connectionless delivery service to send and receive messages. TCP adds 
reliable byte stream-delivery services on top of the IP datagram delivery service. 


The ports numbered between 1 and 1,023 are well-known port numbers. For dynamically bound 
ports, an application requests that UDP assign a port to identify which port the process uses. The 
port must be in the range of 1,024 to 65,535. 


1.3.1 UDP 


UDP identifies applications through ports. The protocol defines two types of protocol ports: well- 
known port assignments and dynamically bound ports. For well-known port assignments, certain 
UDP port numbers are reserved for particular applications. Then the application can direct UDP 
datagrams to that port. 


UDP enables multiple clients to use the same port number and different IP addresses. The arriving 
UDP datagrams are delivered to the client that matches both the destination port number and 
address. (A socket consists of an IP address and the port number.) If there is no matching client or if 
the ICMP destination is unreachable then a port unreachable message is sent and the packet is 
dropped. 





The UDP datagram is encapsulated in an IP datagram that, in turn, is encapsulated in physical 
frames. Figure 1-3 shows a UDP datagram encapsulated in an IP datagram, which, in turn, is 
encapsulated in an Ethernet frame. This figure also illustrates how the concept of /ayering, discussed 
at the beginning of this section, affects the construction of packets sent across the network. 
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Figure 1-3 UDP Datagram Encapsulation 
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In this example, the IP address transmits the IP datagram to the node. At that destination, the IP 
software extracts the UDP datagram and delivers it to the UDP-layer software. The UDP-layer 
software delivers the UDP data through the destination port to the receiving application. The process 
at that port uses the data in the UDP datagram. The UDP datagram also contains a source port to 
ensure that the destination process can reply correctly. 


1.3.2 TCP 


For applications that must send or receive large volumes of data, unreliable datagram delivery can 
become burdensome. Application programmers might need to develop extensive error handling and 
status information modules to track the progress and state of data transfer for every application. The 
TCP/IP suite of protocols avoids this problem by using TCP, a reliable byte-stream delivery 
protocol. TCP establishes a connection between two applications and sends a stream of bytes to a 
destination in exactly the same order that they left the source. Before transmission begins, the 
applications at both ends of the transmission obtain a TCP port from their respective operating 
systems. These are analogous to the ports used by UDP. The application initiating the transfer, 
known as the client side, generally obtains a port dynamically. The application responding to the 
transfer request, known as the server side, generally uses a well-known TCP port. The client side is 
typically the active side and initiates the connection to the passive server side. 


Like the UDP datagrams, TCP segments are encapsulated in an IP datagram. TCP buffers the stream 
by waiting for enough data to fill a large datagram before sending the datagram. The stream is 
unstructured, which means that before transmission of data, both the sending and receiving 
applications must agree on the meaning of the contents of the stream. The TCP protocol uses full- 
duplex transmission. Full duplex means that two data streams can flow in opposite directions 
simultaneously. Thus, the receiving application can send data or control information back to the 
sending application while the sending application continues to send data. 


The TCP protocol gives each segment a sequence number. At the receiving end of the connection, 
TCP checks successive sequence numbers to ensure that all the segments are received and processed 
in the order of the sequence numbers. The receiving end sends an acknowledgment to the sender for 
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the segments received. TCP enables the sender to have several outstanding segments before the 
receiver must return an acknowledgment. If the sending node does not receive an acknowledgment 
for a segment within a certain time, it retransmits that segment. This scheme, called positive 
acknowledgment with retransmission, ensures that the stream delivery is reliable. 


1.4 Internet Protocol 


In the TCP/IP protocol suite, all packets are delivered by the IP datagram delivery service. Packet 
delivery is not guaranteed by this service. A packet can be misdirected, duplicated, or lost on the 
way to its destination. The service is connectionless because all packets are transmitted 
independently of any other packets. This is in contrast to a telephone network, for instance, where a 
comnection is established and maintained. 


To keep track of the delivery status, TCP/IP applications using the IP datagram delivery service 
expect to receive replies from the destination node. 


IP defines the form that packets must take and the ways that packets are handled when they are 
transmitted or received. The form the packet takes is called an JP datagram. It is the basic unit of 
information that is passed across a TCP/IP network. The IP datagram consists of a header and a data 
section. The header section contains the sender’s (source) IP address and the receiver’s (destination) 
IP address and other information. Figure 1-4 shows the general form of an IP datagram. 


Figure 1-4 Basic Frame of an IP Datagram 
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The IP address for a node is a logical address and is independent of any particular hardware or 
network topology. It has the same form, regardless of the media type. The IP address (version 4) is a 
4-byte (32-bit) numeric value that identifies both a network and a local host or node (computer or 
other device) on that network. The 4-byte IP address is usually represented in dotted decimal 
notation. Each byte is represented by a decimal number, and periods separate the bytes, for example, 
129.47.6.17. 


The Data-Link layer transmits IP packets in the data section of its physical frame. Because IP 
supports a 64-KB packet length, an IP datagram might not fit in a data-link frame. Also, in traveling 
to its destination, a datagram can traverse many different media with different physical frame 
lengths. An IP router might need to forward a packet across media in which the inbound and 
outbound frame lengths differ. 


To handle these potential problems with packet transmission, IP specifies a method for breaking 
datagrams into fragments. The fragments are reassembled when they arrive at the final destination. 
Reassembling fragments reconstructs the entire IP datagram. 
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1.4.1 Path Maximum Transfer Unit 


The maximum transfer unit (MTU) is the maximum size of data packets that can be transferred 
across a given physical network. For local area networks, such as Ethernet, the MTU is determined 
by the network hardware. For wide area networks that use serial lines to interconnect packet 
switches, the MTU is determined by software. 


The Path MTU is the smallest of all MTUs, for the hops along a path from the source host to the 
destination host. The Path MTU governs the size of the largest IP packet that can be sent across the 
path without fragmentation. This feature conforms to RFC 1191. 


This feature is automatically enabled when you enable TCP/IP. 


Path MTU Discovery Process 


There are two advantages to this feature. The Path MTU avoids fragmentation anywhere along the 
path and it reduces the protocol overhead. 


The Path MTU discovery process prevents fragmentation between two routers. Figure 1-5 illustrates 
a sample Path MTU discovery process, followed by an example of the steps involved. 


Figure 1-5 Sample Path MTU Discovery Process 
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The following describes the steps involved in the sample Path MTU discovery process illustrated 
above: 





Router 2 














1. Host A opens a File Transfer Protocol (FTP) connection to Host B. 


2. Host A and Host B negotiate the maximum segment size (MSS) during their connection. This 
1s the largest TCP segment that a host can send across a network. The MSS in Figure 1-5 is 
4,110 bytes, which is 4,150 bytes minus 40 bytes for the IP and TCP headers. 


3. Host A sends a 4,150-byte packet to 4,110 bytes of data and 40 bytes of header information to 
Host B. The Don’t Fragment (DF) flag in the IP header is set to yes in Host A. 


4. Router 1 receives the packet from Host A. Then Router 1 determines that the packet is larger 
than 1,500 bytes, which is the maximum packet size that can be sent over a PPP network. 


5. Router 1 sends Host A an ICMP destination unreachable error message. This message indicates 
that Router 1 must fragment packets larger than 1,500 bytes. 


6. Host A receives the error message from Router 1. In response, it adjusts the maximum segment 
size to 1,460 bytes. 


7. Host A resends the data from Step 3. Each packet consists of 1,460 bytes of data and 40 bytes 
of header information. 


8. Router | accepts the packets and forwards them to Router 2, which then sends them to Host B. 
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1.5 Assigning IP Network Addresses 


IP network addresses should be assigned by one person at your company. We recommend that a 
network administrator assign IP network addresses. Therefore, to obtain a new address, see your 
network administrator. If you are a network administrator this section helps you assign IP network 
addresses. 


For a node using the TCP/IP protocol suite to communicate with other nodes, including nodes on 
other private networks and on the Internet, an IP network address is required. Your IP network 
address could be determined in one of the following ways: 


+ Ifyou are accessing the Internet through an Internet Service Provider (ISP), you can be 
assigned an IP address by your ISP. 


¢ Ifyou are connected directly to the Internet community or if you cannot connect to the Internet 
using the registered IP address range you were assigned by your ISP, contact the following 
organization: 


Network Solutions, Inc. 

Attn.: InterNIC Registration Services 
505 Huntmar Park Dr. 

Herndon, VA, USA 20170 


E-mail: hostmaster@internic.net 


Web address: http://nic.ddn.mil or http://192.112.36.5 


¢ If your network is not attached to the public Internet community, you can select an arbitrary IP 
network number. However, if you plan to attach your network to the Internet later, you should 
use the guidelines in RFC 1918. 


The addresses for all the nodes on the network must meet the following criteria: 


+ All addresses within a network must use the same prefix. For example, any node on network 
129.47 must have an address in the form 129.47.x.x. 


+ Each node must have a unique IP address. 


1.5.1 Historic IP Address Classes 


Each 4-byte IP address is divided into two parts: 


+ A network portion, which identifies the network 
* A host portion, which identifies the node 


IP addresses are differentiated into three classes, based on the two most significant bits of the first 
byte. This is done so that routers can efficiently extract the network portion of the address. 


This division can occur at any one of three locations within the 32-bit address. These divisions 
correspond to the three IP address classes: Class A, Class B, and Class C. Regardless of address 
class, all nodes on any single network share the same network portion; each node has a unique host 
portion. 
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The following address classes are discussed in this section: 


+ “Class A Addresses” on page 21 
+ “Class B Addresses” on page 21 
+ “Class C Addresses” on page 22 


Class A Addresses 


A Class A IP address consists of a 1-byte network portion followed by a 3-byte host portion, as 
shown in Figure 1-6. The highest-order bit of the network portion is always set to 0. Thus, within an 
internetwork, there can be a total of 126 Class A networks (1 through 126), with more than 16 
million nodes in each (networks 0 and 127 are reserved). 


The format of a Class A address is as follows: 
Onnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh 

where n represents the network address and h represents the host address. 

Class A addresses contain 7 bits of network address and 24 bits of host address. 


Figure 1-6 Class A IP Address 
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Class B Addresses 


A Class B IP address consists of a 2-byte network portion followed by a 2-byte host portion, as 
shown in Figure 1-7. The two highest-order bits of the network portion are always set to 10. Thus, 
within a single internetwork there can be approximately 16,000 Class B networks (128.0 through 
191.255), with more than 65,000 nodes in each. 


The format of a Class B address is as follows: 
10nnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh 

where n represents the network address and h represents the host address. 

Class B addresses contain 14 bits of network address and 16 bits of host address. 


Figure 1-7 Class B IP Address 
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Class C Addresses 


A Class C IP address consists of a 3-byte network portion followed by a 1-byte host portion, as 
shown in Figure 1-8. The three highest-order bits of the network portion are always set to 110. 
Within a single internetwork, there can be approximately 2 million Class C networks (192.0.0 
through 223.255.255), with up to 254 nodes in each. 


The format of a Class C address is as follows: 
110nnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh 

where n represents the network address and h represents the host address. 
Class C addresses contain 21 bits of network address and 8 bits of host address. 


Figure 1-8 Class C IP Address 
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1.5.2 Identifying Network Classes 


The first byte of an IP address identifies which of the three network classes that address belongs to. 
The ranges for that first byte are as follows: 

+ Class A: 1 to 126 (1.h.h.h to 126.h.h.h) 

+ Class B: 128 to 191 (128.n.h.h to 191.n.h.h) 

+ Class C: 192 to 223 (192.n.n.h to 223.n.n.h) 
An IP address beginning with 154 is a Class B address. The first two bytes of the address are 
represented by n for the network portion of the address, and the last two bytes are represented by h 


for the host portion. For example, an IP address of 154.1.0.3 means the IP network portion is 
154.1.0.0 and the host portion on that network is #.#.0.3. 


The network portion of an IP address should be the same for all nodes on that network. Each node 
connected to the network must have a unique IP host address assigned to it. 





TIP: The key to selecting a number for the host portion of the IP address is to ensure that the 
number selected is unique; that is, that no other host on the network has the same IP address. 





1.5.3 Selecting an Appropriate Address Class 


When selecting an IP address class, you must decide on both network numbers and host address 
portions. Because the first 1, 2, or 3 bits of the IP address determine how the entire address is to be 
interpreted and where the division between the network address and host address portion is to occur, 
you should know the consequences of your choice. When deciding on a network class, you should 
consider the number of IP nodes to be supported on your network and the number of networks you 
plan to configure. 
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For example, if you use Class C addresses (the first 3 bits of the IP address are 110 binary), then you 
are restricted to 254 nodes. However, the number of nodes available can be altered by using subnets. 
Before selecting an IP address class, see Section 1.7, “Creating Subnets,” on page 25. 


1.5.4 Reserved IP Addresses 


The IP addressing rules reserve the following types of IP addresses for special purposes: 


+ Network addresses: IP addresses in which the host portion is set to all zeros. For 
example, 129.47.0.0 is the network address (or network number) for a Class B network. 
Network addresses identify networks rather than nodes on a network. By convention, no node 
1s ever assigned a host portion consisting of all zeros. 


+ Broadcast addresses: Addresses in which the host portion is set to all ones. A packet with a 
broadcast address is destined for every node on the network. By convention, no node is ever 
assigned a host portion consisting of all ones. 


+ Loopback addresses: Addresses that cause the protocol software to return data without 
sending traffic across a network. Network address 127.0.0.0 and all host addresses on that 
network (for example, 127.0.0.1) are reserved. 


+ Multicast addresses: Addresses that are used to send packets to a group of hosts or routers. 
They range from 224.0.0.1 to 239.255.255.255. 


+ Reserved addresses: Addresses in which the network portion consists of all zeros or all ones. 


1.6 Physical and IP Addresses 


Each node has a physical address for the specific hardware device that connects it to a network. For 
instance, a physical address on an Ethernet network is a 6-byte numeric value, such as 08-00-14-57- 
69-69. It is assigned by the manufacturer of the Ethernet interface hardware. X.25 networks, which 
conform to the specification of the ITU-T (International Telecommunications Union, 
Telecommunications sector), previously CCITT, use the X.121 standard for physical addresses, 
which consist of 14-digit numbers. 





NOTE: Physical addresses are also called media access control (MAC) addresses. Throughout the 
rest of this section, all references to MAC or physical addresses assume physical addresses on 
Ethernet, token ring, or FDDI networks. 


Because IP uses a 32-bit address and Ethernet uses a 48-bit Ethernet address, there is a conflict. To 
associate the IP address to a physical address on an Ethernet network, a mapping must occur 
between the two types. The address resolution protocol (ARP) provides a mapping between the two 
different forms of addresses. 





1.6.1 IP Address to Physical Address Translation 


Each physical medium has its own physical address for nodes on that medium. The physical 
addresses are also called MAC addresses. Ethernet and token ring networks use 6-byte MAC 
addresses. ARCnet uses a 1-byte MAC address. 
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IP addresses are independent of the hardware. When an IP packet is transmitted on the network, it is 
first encapsulated within the physical frame used by that network. Figure 1-9 shows an IP packet 
encapsulated in an Ethernet frame. The IP packet contains an Internet address for a node, but the 
Ethernet frame must have a physical address for it to be delivered on the data-link network. 
Therefore, the sending node must be able to map an IP address to a physical hardware address. 


Figure 1-9 Packet Encapsulated in an Ethernet Frame 
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+ “Mapping Internet Addresses to Physical Addresses” on page 24 
+ “Address Resolution Cache" on page 24 


Mapping Internet Addresses to Physical Addresses 


When an IP address is mapped to a physical, or MAC, address, ARP is used on broadcast networks 
such as Ethernet, token ring, and ARCnet. When a node uses IP to send a packet, it must determine 
which physical address on the network corresponds to the destination IP address. To find the 
physical address, the node broadcasts an ARP packet containing the destination IP address. The 
node with the specified destination IP address sends its physical address back to the requesting node. 


Address Resolution Cache 


To speed packet transmissions and reduce the number of broadcast requests that must be examined 
by every node on the network, each node keeps an address resolution cache. Each time the node 
broadcasts an ARP request and receives a response, 1t creates an entry in its address resolution 
cache. The entry maps the IP address to the physical address. 


When the node sends an IP packet, it looks up the IP address in its cache and uses the physical 
address, if found. The node broadcasts an ARP request only if the IP address is not in its cache. 


ARP Cache Update Timeout 


ARP Cache Update Timeout is a configurable parameter used to specify the timeout period for an 
entry to be removed from the ARP table, if the entry has not been updated. The ARP Cache Update 
Timeout value should be greater than or equal to the ARP Cache Stale Timeout value. 


ARP Cache Stale Timeout 


ARP Cache Stale Timeout ia a configurable parameter used to specify the timeout period for an 
entry to be removed from the ARP table, if the entry has not been used for some time. The ARP 
Cache Stale Timeout value should be less than or equal to the ARP Cache Update Timeout value. 
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1.7 Creating Subnets 


One IP network can be divided into smaller networks, called subnets. The following are reasons to 
divide your network: 


+ Use multiple media: It can be impossible, inconvenient, or too expensive to connect all nodes 
to a single network medium when these nodes are too far apart or already connected to different 
media. 


+ Reduce congestion: Traffic between nodes on a single network uses network bandwidth. As a 
result, more bandwidth is required when you have more nodes. Splitting nodes into separate 
networks reduces the number of nodes on a data-link network. Fewer nodes generate less traffic 
and, as a consequence, less congestion. 


+ Reduce CPU use: Reducing CPU use on connected nodes is similar to reducing congestion. 
More nodes on a network cause more broadcasts on that network. Even if a broadcast is not 
sent to a particular node, each node on a network must react to every broadcast before deciding 
to accept it or discard it. 


¢ Isolate a network: By splitting a large network into small networks, you limit the impact of 
one network’s problems on another. Such problems can include network hardware failures, 
such as an open Ethernet tap, or software failures, such as a broadcast storm. 


+ Improve security: On a broadcast network medium such as Ethernet, each node on a network 
has access to all packets sent on that network. By enabling sensitive network traffic on only one 
network, other network monitors can be prevented from accessing this sensitive traffic. 


+ Make efficient use of IP address space: If you are using a Class A or B network number and 
have multiple small physical networks, you can divide the IP address space into multiple IP 
subnets and assign them to individual physical networks. Another option is to obtain several 
Class C network numbers, although this is less desirable. 


For more information about creating subnets, see the following: 
+ “Subnet Addresses and Masks” on page 25 
+ “Subnet Zero” on page 27 
+ “Variable Size Subnets” on page 28 
+ “Assigning Subnet Addresses” on page 28 
+ “Broadcast Addresses” on page 29 
+ “Multicast Addresses” on page 29 


1.7.1 Subnet Addresses and Masks 


Communication between a node on a local subnet and a node on a different subnet is similar to 
communication between nodes on two different networks. To a user, routing between subnets is 
transparent. Internally, the IP software recognizes any IP addresses that are destined for a remote 
subnet and sends those packets to the router on that subnet. 


As in network-to-network communication, the routing information for communication between 
subnets is maintained in the routing table (by IP). 


When a network is divided into subnets, the host address portion of the IP address is divided into 
two parts, just as the IP address itself is divided into two parts. The host address portion specifies 
both the subnet of the IP network and the node on that subnet. 
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The four-byte IP address consists of a network address and a host portion, as shown in Figure 1-10. 


Figure 1-10 4-byte IP Address 





«Network Address» | <Subnet Address» <Host Address» 








Network Address Host Portion 


For instance, if a network has the Class B IP network address portion 129.47, the remainder of the IP 
address can be divided into subnet addresses and host addresses. Controlled by the local network 
administrator, this division allows the most flexibility for network development at the local site. For 
example, the subnet address could comprise 4 bits of the remaining 2 bytes. This allows 15 subnets, 
each with 4,094 nodes. Or, in another case, the subnet address could comprise 8 bits, allowing 255 
subnets (a subnet address of all ones is not valid), each with 254 nodes. 





NOTE: NetWare® routing software supports the use of all zeros in the subnet field (subnet zero). 
However, a subnet field with all ones denotes all subnets of a particular network; therefore, a subnet 
field with all ones cannot be used as a local IP address. 





Figure 1-11 shows a single IP network divided into two subnets. The router shown has physical 
attachments and IP addresses on both subnets (129.47.128.1 and 129.47.192.1). It might also have 
physical devices and IP addresses (nn.nn.nn.nn) connecting it to other networks. 


Figure 1-11 Single IP Network Divided into Two Subnets 
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A subnet mask indicates how the host portion of the IP address is divided into a subnet address and a 
local host portion. The network mask is a 32-bit number with all ones for all network and subnet 
address portions, and all zeros for the host field. With a Class B network portion of 129.47 and a 4- 
bit subnet address, for instance, the subnet mask consists of 20 ones and 12 zeros. In essence, a 
subnet mask locally extends the network address portion of an IP address and reduces the host 
portion. 
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The table below shows an example of a Class C subnet with an IP address of 200.2.1.209. To create 
a subnet address, bits are taken from the local host portion. As the size of the subnet mask increases, 
the number of hosts decreases and the number of subnets increases. 


Table 1-2 Example of Class C student with IP Address 200.2.1.209 


Class C IP Address Available Networks, 

200.2.1.209 Network Number Subnet Number Host Number Subnets, and Hosts 

FF.FF.FF.0 200.2.1.0 None 0.0.0.209 1 network, O 
subnets, and 254 
hosts 

FF.FF.FF.EO 200.2.1.0 200.2.1.192 0.0.0.17 7 subnets and 30 


hosts per subnet 


FF.FF.FF.FO 200.2.1.0 200.2.1.208 0.0.0.1 15 subnets and 14 
hosts per subnet 


Figure 1-12 shows examples of IP network addresses, their relationship to the subnet mask, and the 
corresponding subnets. 


Figure 1-12 Examples of IP Network Addresses 
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Subnet 11111111.11111111.11110000.00000000 
Mask: 


129.47.128.254: 10000010.00111001.10000000.11111110 IP Address on Subnet 128 
129.47.129.01: 10000010.00111001.10000001.00000001 IP Address on Subnet 128 
129.47.192.254: 10000010.00111001.11000000.11111110 IP Address on Subnet 192 


129.47.193.01: — 10000010.00111001.11000001.00000001 IP Address on Subnet 192 





1.7.2 Subnet Zero 


Subnet zero is a subnet with all the bits in the subnet field of the IP address set to 0. For example, 
subnet 130.57.0.0, with a mask of 255.255.240.0, 1s a subnet zero of network 130.57, as shown in 
Figure 1-13. 


Figure 1-13 Subnet Zero 


Subnet Address 
Network Address LI Local Host Portion 
| [ 1 [| 1 


Subnet 11111111.11111111.11110000.00000000 


Mask: 


130.57.0.1: 10000010.00111001.00000000.00000001 IP Address on Subnet 0 
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The official IP specification reserves the subnet addresses with all zeros and all ones and does not 
allow them to be used as subnet addresses. However, this policy wastes one subnet in the IP address 
space. To counteract this limitation, the Novell® TCP/IP implementation enables the use of subnet 
zero. 


1.7.3 Variable Size Subnets 


The subnets of a network can have different length subnet masks, called variable length subnet 
masks. These subnets are called variable because the size, or length, of the subnet varies from subnet 
to subnet. 


A subnet mask defines the number of bits that can be used to define the subnet and the number of 
bits to define the host. As the subnet mask increases, the number of hosts on a subnet decreases. As 
the subnet mask decreases, the number of hosts that can be defined increases. 


Some network configurations have individual subnets with a large number of hosts and other 
subnets with a small number of hosts. Using the same subnet masks on all subnets can mean either 
of the following: 


+ The mask is too small and you do not have enough subnet numbers for all your subnets. 
+ The mask is too big and you do not have enough host IDs for all your hosts on a subnet. 


If the mask is too small or too big, use a variable size subnet. By varying the size of the subnet mask 
used on a network, you can match the number and size of subnets to your configuration. 


For example, subnet 16 of network 130.57.0.0 with mask 255.255.240.0, 130.57.16.0, can be further 
divided into 16 sub-subnets with 256 hosts each. (Actually, this division creates 15 sub-subnets with 
254 hosts each because sub-subnet 130.57.31.0, host 0, and host 255 are not used.) 





NOTE: OSPF and RIP II recognize subnet masks and support variable size subnets. RIP I does not 
work when the network is partitioned into variable length subnets because RIP I assumes that all 
subnets belonging to the same network use the same subnet mask. 





1.7.4 Assigning Subnet Addresses 





TIP: Because RIP I packets do not carry subnet mask information, the RIP I routing protocol 
imposes several restrictions on the use of subnets. If you are using RIP I, use the same subnet mask 
for all subnets belonging to the same network. Using RIP II lifts this restriction. 





If you are installing the routing software on a network with subnets, use the subnet mask already 
established for the network. 


Subnet addresses and host addresses are typically assigned in numeric order, where both the subnet 
and host addresses are assigned from the right edge of their field. By this method, the border 
between the subnet address and the host address becomes fixed when the first subnet (subnet address 
= 1) is assigned. If the number of hosts on a subnet or the number of subnets required exceeds the 
limits of the subnet mask, using this method makes it difficult to adjust the subnet mask because 
each host must be renumbered. 


To prepare for changes in the size of the subnet mask, RFC 1219 suggests that subnets be assigned 
from the /eft of the subnet address field, and that hosts be assigned, in numeric order, from the right 
of the host address field. In this way, the subnet bits become a mirror image of the host bits. (You 
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must still select an initial subnet mask and use it for all subnets in the network.) For example, to 
apply this method to a Class B IP network with a subnet mask of 255.255.255.0, you assign subnet 
addresses as follows: 


1000 0000 (Decimal 128) 
0100 0000 (Decimal 64) 
1100 0000 (Decimal 192) 
0010 0000 (Decimal 32) 


0000 0001 (Decimal 1) 
0000 0010 (Decimal 2) 
0000 0011 (Decimal 3) 
0000 0100 (Decimal 4) 


Then, you assign host addresses on each subnet as follows: 


Using this method leaves a buffer zone between the subnet and host addresses, which enables future 
network growth. 


The method of assigning subnet addresses described in this section summarizes the method 
suggested in RFC 1219, On the Assignment of Subnetwork Numbers. For a complete description of 
this method, refer to RFC 1219. 


1.7.5 Broadcast Addresses 


There are four types of broadcast addresses: directed broadcasts, subnet directed broadcasts, all- 
subnets directed broadcasts, and limited broadcasts. A directed broadcast has a destination IP 
address with the network portion of the IP address set to Class A, B, or C network, and the host field 
set to all ones. Directed broadcasts are sent to all hosts on the specified network. 


If the network is divided into subnets, each subnet has a subnet directed broadcast. A subnet directed 
broadcast has an IP address with the network field set to the network identifier, the subnet field set to 
the subnet identifier, and the host field set to all ones. 


An IP address with both the subnet and host field set to all ones is interpreted as a broadcast directed 
to all the subnets on the network. That is, the first router on the specified network broadcasts the IP 
address to one of its subnets. If broadcast forwarding is enabled, the receiving routers in that 
network forward the broadcast to other subnets. 


An IP address with all bits set to 1 that is, 255.255.255.255 is called a limited address. It is directed 
to all hosts on the subnet from which the broadcast originated. 


1.7.6 Multicast Addresses 


A multicast address is used to send packets to a group of hosts or routers. A packet with a multicast 
address is received by all hosts and routers belonging to that multicast group. Class D addresses are 
reserved for multicast addresses. They range from 224.0.0.1 to 239.255.255.255. 
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The Novell TCP/IP implementation uses five multicast addresses. Two are used by OSPF to 
multicast packets to OSPF routers. These addresses are 224.0.0.5 and 224.0.0.6. Two are used by 
Router Discovery messages to multicast router advertisements and solicitation messages. These 
addresses are 224.0.0.1 and 224.0.0.2. RIP II uses multicast address 224.0.0.9. 


1.8 Routing 


The term routing refers to the transmission of a datagram from one node to another on the same or a 
different network. The route refers to the path that is chosen to transmit an IP datagram from its 
origin to its destination, based on the IP addresses contained in the datagram. 


When a datagram is sent to a node on another network, the network portions of the source and the 
destination IP addresses are different. When the packet is received by a router that connects the 
source to the destination network, the router forwards the packet on the correct interface to reach the 
destination, as shown in Figure 1-14 on page 30. Two networks are connected if at least one router is 
attached to both networks. 


Figure 1-14 How the Router Connects the Source to the Destination Network 
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Each host has a default router or a list of routers in other networks. When IP sends a datagram, the 
following happens: 


1. IP searches the routing table of the sending node for a default route or a path to the destination 
IP address. 


2. IP extracts the address of the default router or next-hop router from the route entry. 


3. IP requires ARP to map the next-hop address to its hardware address. 
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4. IP transmits the packet to the next hop. 
5. IP repeats Steps 1 through 4 until the final destination is reached. 


1.9 Error and Control Messages 


Another protocol in the TCP/IP suite is the Internet Control Message Protocol (ICMP). ICMP 
packets contain information about errors and control on the network: inoperative nodes and 
gateways, packet congestion at a gateway, and so on. The IP software, rather than the application, 
interprets an ICMP message. The IP software then takes the appropriate action with respect to the 
ICMP message, independently of the application. Because an ICMP message might need to travel 
across several networks to reach its destination, 1t is encapsulated in the data portion of an IP 
datagram. 


ICMP is also used to test connectivity between two nodes. The originating node uses PING to send 
an ICMP echo request and waits for an ICMP echo response from the destination. 


1.10 Router Discovery Protocol 


The Router Discovery Protocol, which is an extension to the Internet Control Message Protocol 
(ICMP), allows hosts to discover routers on their networks and determine which router to use as the 
default router. When a host needs to send a packet to another network, it first sends the packet to a 
router that forwards the packet toward the destination. To accomplish this, the host needs to know 
where the routers are on its network and which one to send packets to. 


When you configure the router discovery mechanism, the router advertises itself with periodic 
ICMP router advertisement messages. Then the host listens to this message and decides whether to 
use a router as the default router. 


You can configure the host to solicit the router advertisement on attached networks. All participating 
routers then reply to the inquiry. By collecting those replies, the host discovers the routers on the 
network and determines which router to use. 


A host might not select the best router (the router with the optimal path) to forward packets to a 
specific destination. When a router receives a packet from a host that is better forwarded to another 
router on the network, the router uses an ICMP Redirect message to notify the host of the optimal 
path. 


NetWare routing software provides both host and router implementations of the Router Discovery 
Protocol. The mode of operation of the Router Discovery Protocol is determined by whether the IP 
Packet Forwarding parameter is enabled. If IP Packet Forwarding is enabled, the Router Discovery 
Protocol sends Router Advertisement messages. If IP Packet Forwarding is disabled, the Router 
Discovery Protocol sends Router Solicitation Messages. 

+ Section 1.10.1, “ICMP Router Advertisement Message,” on page 31 

+ Section 1.10.2, “ICMP Router Solicitation Message,” on page 32 


+ Section 1.10.3, “Router Discovery Multicast Address,” on page 32 


1.10.1 ICMP Router Advertisement Message 


The ICMP Router Advertisement Message is ICMP message type 9. This message is used by routers 
to advertise their presence on the network and is broadcast or multicast to all hosts on the network. 
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This message type carries the IP address of the router and its preference level. Hosts use the 
preference level to determine which router to use for forwarding. The router with the highest 
preference becomes the default router. A value of 0x80000000 indicates that the router is not to be 
used. Routers with this value are used only when other routers send ICMP Redirect messages to the 
host. 


1.10.2 ICMP Router Solicitation Message 


The ICMP Router Solicitation Message is ICMP message type 10. Hosts use this message to solicit 
router advertisements from all participating routers on the network. 


1.10.3 Router Discovery Multicast Address 


Router Discovery uses two IP multicast addresses. The IP address 224.0.0.1 is reserved to multicast 
the Router Advertisement Message to the hosts. The IP address 224.0.0.2 is reserved to multicast the 
Router Solicitation Message to the routers. If the network does not support multicast, then broadcast 
address 255.255.255.255 is used for both the Router Advertisement and Router Solicitation 
messages. 
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Advanced TCP/IP 


The Novell® TCP/IP software is now multiprocessor - enabled and multithreaded. The transport 
layer (TCP and UDP) is completely multiprocessor-enabled so that the stack can process any TCP/ 
UDP connections on any processor. These features take advantage of the multiple processors 
available and make the stack scale more than it does on a uni-processor machine. 


The Novell TCP/IP stack consists of the following six NetWare® Loadable Module™ (NLM™) 
programs: 


+ 


+ 


+ 


tcp.nlm provides the transport layer TCP and UDP interfaces. 

tcpip.nlm provides IP, ICMP, IGMP, Routing, and other networking layer protocols. 
bsdsock.nlm provides the BSD standards sockets interface. 

netlib.nimis a library for the entire stack. 

nirman.nlm allows you to configure the stack through a browser. 

inetcfg.nlm allows you to configure the stack with the help of tcpcfg.nlm. 
tcpstats .nlm allows you to perform Web-based TCP/IP monitoring 


The stack configuration information is stored in sys:\etc\tcpip.cfg and sys: Vete netinfo.cfg. 





NOTE: An abend can cause the corruption of both .cfg files, so always make a backup of the 
files. 





The stack provides the TCP/IP protocols as per the Request For Comments. NetWare 6.5 includes 
the following new features: 


* 


* 


* 


* 


* 


Section 2.1, *Selective Acknowledgement," on page 34 

Section 2.2, "Large Windows," on page 34 

Section 2.3, "Multihoming," on page 34 

Section 2.4, “Load Balancing," on page 35 

Section 2.5, *Fault Tolerance," on page 38 

Section 2.6, "Virtual IP Address," on page 38 

Section 2.7, "Multiple Default Gateway," on page 39 

Section 2.8, “Dead Gateway Detection,” on page 39 

Section 2.9, “Path MTU Black Hole Detection and Recovery,” on page 40 
Section 2.10, “Classless IP Addresses,” on page 40 

Section 2.11, “Non-ARPable Secondary IP Address,” on page 40 
Section 2.12, “TCP Defend Fin Attack,” on page 40 

Section 2.13, “NIC Teaming,” on page 41 

Section 2.14, “Default IP Address,” on page 41 

Section 2.15, “Pragmatic General Multicast,” on page 41 


Section 2.16, “Command Line Utilities,” on page 41 
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2.1 Selective Acknowledgement 


Selective Acknowledgement (SACK) is an improvement over the conventional cumulative 
acknowledgement TCP algorithm that facilitates fewer data retransmissions in lossy networks. 


The selective acknowledgment extension uses two TCP options. The first is an enabling option, 
SACK-permitted, which can be sent ina SYN segment to indicate that the SACK option can be used 
once the connection is established. The SACK-permitted option is a two-byte option. 


The second option is the SACK option itself, which can be sent over an established connection once 
both the sender and the receiver have successfully negotiated the SACK-permit option. Whenever 
there is loss of data, the data receiver can send the SACK option to acknowledge the out-of-order 
data segments. 


For more information, see “Selective Acknowledgement” on page 69. 


2.2 Large Windows 


The Large Windows option facilitates the advertisements of windows larger than 2**16. This is 
useful in high bandwidth long delay networks such as satellite links. It defines an implicit scale 
factor, which is used to scale up the window size value found in a received TCP segment to obtain 
the true window size. With this scaling, receive window advertisements can go up to 1 GB. 


This Large Window option is negotiated when establishing the connection. 


For more information, see “Large Windows” on page 64. 


2.3 Multihoming 


Multihoming enables an interface to assume multiple IP addresses on the same network. 
Multihoming can be used for all IP networks bound to a router. This is irrespective of whether the 
networks are bound to the same interface or to different interfaces. 


The most common use of multiple addresses on the same network is to enable a Web server to 
operate as though it were several Web servers. One application is to use each secondary IP address 
to point to a different Web page on the same Web server, depending on the Domain Name System 
(DNS) name that is used to reach the server. 


Multihoming is also commonly used with network address translation (NAT), the proxy server, and 
the virtual private network (VPN). In all cases, the secondary IP address can be configured on the 
same interface that has the primary IP address, or the secondary address can be configured on a 
different interface. When there are multiple interfaces, the secondary address is associated with the 
interface that is bound to the network that uses the same address. If the secondary address is not 
valid on any of the networks bound to existing interfaces, the address is rejected and an error 
message is produced. 


The multihoming feature has been extended to help configure the stack for load balancing and fault 
tolerance at the Network Interface Card (NIC)/Link level. The TCP/IP stack also supports grouping 
NICs with similar characteristics in order to facilitate load balancing and fault tolerance across them. 


In NetWare 6.5, TCP/IP has two levels of enabling load balancing and fault tolerance: one at the 
system level and another at the local group level. To benefit from this, make sure that you have fully 
enabled TCP/IP at both levels. 
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Five types of multihoming configurations are provided: 


Single NIC Multiple IP Addresses (Different IP Addresses): In this type of multihoming, client- 
to-server traffic can be distributed across the routers. The required level of load balancing can be 
achieved through static routers and dynamic DNS. A dynamic algorithm takes care of the fault 
tolerance. With a static route configuration, the Multiple Default Gateway with Dead Gateway 
Detection support achieves the same results. 


Multiple NIC Multiple IP Address (Different IP Network): This is a normal router 
configuration. All the configuration and the advantages gained by the previous type of multihoming 
are applicable with this type. In addition, load balancing server-to-client traffic across the NICs and 
routers is also possible. This can be achieved with the help of multipath routing. 


Multiple NIC Multiple IP Address (Same IP Network): This type of multihoming allows fault 
tolerance at the Link level. Ifa NIC fails, the load is automatically distributed among the remaining 
healthy NICs to achieve fault tolerance. 


Multiple NIC Single IP Address: The clients use the same IP address to communicate with the 
server. This is achieved through using the round-robin method of distributing the NIC addresses for 
the ARP requests sent by the clients. This solution avoids extra configuration and transparently 
achieves the load balancing for incoming packets. If a NIC fails, the server sends a message to the 
clients to forcefully use them as the other interface’s MAC address. 


You can use both load balancing and fault tolerance with this type of multihoming configuration. 


Secondary IP Address (Multiple Logical Hosts): This type of multihoming allows you to create 
multiple logical hosts that belong to the same network. In a multihoming setup where multiple NICs 
are grouped to support a single network, the secondary IP address with this type of configuration 
supports an option to select one of the NICs in the group. By using the non-ARPable option, these 
addresses can be used as virtual IP addresses for load balancing solutions. Through this option, the 
same IP address can be configured on all servers and the load balancer can distribute the client load 
across these servers. 


For more information, see Section 5.4, “Load Balancing,” on page 95 and Section 5.5, “Fault 
Tolerance,” on page 97. 


2.4 Load Balancing 


With NetWare 6.5, the TCP/IP stack features five new policies for send side load balancing and two 
policies for receive side load balancing: 


+ Section 2.4.1, “Send Side Policies,” on page 35 


+ Section 2.4.2, “Receive Side Policies,” on page 37 


2.4.1 Send Side Policies 


The following send side policies are available with Novell TCP/IP: 


+ “Load Sharing” on page 36 
+ “Round Robin” on page 36 
+ “Based on Load (Round Robin)” on page 36 
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+ “Based on Load (Hashed)” on page 37 
+ “Per Packet Based Load Balancing” on page 37 


Load Sharing 
This policy is enabled by default when load balancing is disabled. 


The IP address-to-interface mapping is based on the destination IP address mapped to a board 
number of a physical interface using a hash function. The entire load (send and receive) to a 
particular destination is handled by the same physical interface, so the load distribution is a linear 
function of the client IP address distribution. If the client IP addresses have an equal number of 
clients mapped to all the interfaces and all the clients have a similar load, this is the best strategy 
because it offers a fairly good load distribution. This strategy is like obtaining load balancing by 
subnetting with the advantage of fault tolerance support and without wasting extra IP addresses. 


The common problem with load sharing is that the clients are relied upon to distribute the load on 
the server. 


Round Robin 
This policy is in effect only when load balancing is enabled. 


This IP address-to-interface mapping assigns each physical interface in turn, ensuring that the load is 
being shared across the available physical interfaces. Because the feature is not based on the current 
load of the interfaces, it does not ensure a balanced load across them. 


In cases where each request is almost identical, the feature provides good load balancing. The 
lifetime of the mapping is the cache lifetime. The problem with load sharing is that the clients are 
relied upon to distribute the load on the server. In this policy, instead of relying on the clients, the 
clients are distributed evenly over the available interface. This strategy is like obtaining load 
balancing by subnetting, with the advantage of fault tolerance support and without wasting extra IP 
addresses. 


Based on Load (Round Robin) 
This policy is in effect only when load balancing is enabled. 


In this IP address-to-interface mapping, the physical interface that is selected is based on the current 
load of the interface. This policy assures some level of load balancing. 


The feature might not guarantee full load balancing, because it chooses the IP address based on the 
current load of the interface, which might change as traffic increases or decreases. This means that 
an intelligent implementation is required that uses considerable information processing. This kind of 
load balancing is critical during high load times, when a more complex decision might add to 
performance degradation. 


Round robin offers a fast and less complex interface selection procedure with nearly equal 
connection distribution on all the interfaces. Load monitoring provides information about the 
distribution of the load. For any imbalance, it can provide an input to the load-balancing module to 
use a less loaded interface for the incoming connection requests. If the imbalance persists for a 
certain time interval, it can clear the cache and restart the interface allotment. This method takes care 
of the card’s capacity as it considers the percentage utilization. 
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The load is monitored based on which the interface is allotted. In this manner, load balancing is 
controlled. The base method for interface selection is Round Robin, but if the selected interface is 
heavily loaded, the next interface in the list is used. 


Based on Load (Hashed) 
This policy is in effect only when load balancing is enabled. 


This policy is similar to “Based on Load (Round Robin)” on page 36. The only difference is that the 
interface selection method uses hashing. 


Per Packet Based Load Balancing 
This policy is in effect only when load balancing is enabled. 


With this policy, the packets are sent through boards in turn. This ensures perfect load balancing but 
cannot guarantee the packets arriving in the order that they were sent, this is because every packet is 
going through a different interface. This feature is also not dependent on the nature of the clients. 


2.4.2 Receive Side Policies 


The following receive side policies are available with Novell TCP/IP: 


¢ Load Balancing When Clients Are Distributed Across the Same Subunit (page 37) 
+ Load Balancing When Clients Are Distributed Across Routers (page 37) 


Load Balancing When Clients Are Distributed Across the Same Subunit 


In all the above solutions of the send side policies, there is be a problem on the receiving side when 
all the cards are bound to the same IP address. A different MAC address is advertised for the same 
IP address in order to distribute the load on the basis of the policy selected for the load balancing, 
because when any active ARP entry expires, an ARP request must be broadcast. At the same time, 
one MAC address (primary in this case) must be sent. On receiving this ARP request, all the clients 
on the same network or routers then update their caches with this new MAC address, so all the load 
is directed to a single interface. 


Load Balancing When Clients Are Distributed Across Routers 


If you have only one router and all the clients are across the router, then load balancing on the 
receiving side cannot be achieved. If the card is half-duplex and is used for sending purpose also, 
then the system performance is seriously affected. The best approach is to use the Only Primary as 
the Receiving Interface policy, so you do not put any load on the receiving card. 


This policy is also effective when there singly one client and the client's card capacity is more than 
server's single card capacity (assuming all cards are half-duplex on the server). In this case, you need 
to apply the Per Packet Based policy along with this policy. 


For more information, see Figure 6-2 on page 125. 





NOTE: Depending on your network configuration, you can select the combination of send side/ 
receive side load balancing to better utilize your network bandwidth. 
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2.5 Fault Tolerance 


With fault tolerance you can monitor the health of the grouped interfaces and detect instances of 
faults such as link failure, NIC failure, and switch failure. When such a fault is detected, the load on 
that interface is diverted to another healthy interface. Fault tolerance works along with load 
balancing to ensure uninterrupted connection between hosts and the server. 


If load balancing is enabled in a system and fault tolerance detects a fault in any interface, it diverts 
the traffic to the less loaded interface in the group. If load balancing is not enabled in a system and a 
fault tolerance detects a fault in the system, it randomly diverts the load to any of the available 
healthy interfaces in the group. When the failed interface recovers, it is put back into the healthy set 
and again the load is redistributed across them. The distribution of load, failover, and redistribution 
of load when the failed interface has recovered takes place in such a way that the flow of data is 
smooth and the TCP/IP connections stay intact throughout. The connected hosts re-map their IP 
addresses to the MAC address, mapping by picking up the broadcast messages sent by the server in 
case of a NIC failure, and they continue to work without any problems. Novell certified drivers are 
capable of detecting faults such as link failure or NIC failure. 


NOTE: For multihoming, if fault tolerance is enabled and if the link is down, the card is not 
connected, or the card has a fatal error (not able to send packets out), a user cannot add a secondary 
IP address. If the user still wants to add a secondary IP address, an error message Cannot allocate 
resources to add secondary IP address is displayed. This indicates that there is no board to 
which an IP address can be bound. 





For more information, see Figure 6-2 on page 125 and Figure 6-4 on page 127. 


2.6 Virtual IP Address 


A Virtual IP address is an IP address that is bound to the Virtual NIC (VNIC) and is a purely virtual 
card that has no real physical counterpart. Conceptually, a Virtual NIC can be thought of as a 
loopback interface with an added external visibility. Similarly, Virtual IP addresses can be thought 
of as loopback address with the 127.0.0.0 IP network constraint removed. Virtual IP addresses are 
different from the regular primary and secondary IP addresses in a very subtle way. They are not 
bound to a physical IP network on the wire. Therefore they are assigned from an exclusive IP 
network number, different from all IP network numbers that are currently assigned to physical 
LANs. 


Virtual IP addresses can be used in two different High Availability configurations: 


+ Redundant LAN configuration: In such a topology, a server hosting a mission critical 
application is configured to reside on two or more different IP networks/subnets. All critical 
services are then configured on the Virtual IP address. The server is also made to run a routing 
protocol that advertises the reachability information to the Virtual NIC address to the other 
machines on the network. 


Hosting of critical applications on the Virtual NIC address removes the dependency of client 
applications to a specific network attachment on the server. As a result, these critical services 
are uniformly accessible even if of one of the LAN attachments on the server fails. 


The failover of the connections to the active LAN segments is ensured by the routing protocol, 
and the failover time is dependent on specific routing protocol used. This is typically of the 
order of 180s in case of RIP. 
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+ Virtual Server farms: Virtual Server farms configured behind an L4 redirector: In such a 
topology, the individual servers in the farm share a single Virtual IP address. Typically, a non- 
ARPable secondary IP address (See Section 2.11, “Non-ARPable Secondary IP Address,” on 
page 40) is used to configure such a Virtual IP address on each of the servers in the farm. 
Alternatively, even Virtual NIC can be configured to host such a Virtual IP address. 


One of the serious limitations of Virtual IP addresses is that each one of them consumes an 
additional IP network address space. This is a serious constraint for a fixed-length subnetted 
environment where a whole chunk of a subnet address space allocated to the Virtual NIC address 
space remains unused. However, for environments that use either Private address space or that use 
Variable Length Subnetting, this should not be a problem. Virtual IP addresses are supported only on 
NetWare 6.5 and are not available in earlier versions. Also, the current release of NetWare 6.5 
supports OSPF, RIP-I and RIP-II as routing protocols for advertising reachability information to the 
Virtual IP networks. 


For more information, see Section 5.16, “Virtual IP Address,” on page 113. 


2.7 Multiple Default Gateway 


This feature extends the existing Default Gateway (Default Router) feature by allowing you to 
configure multiple default gateways on your network. When a default gateway goes offline, the 
Dead Gateway Detection feature detects this and uses the Multiple Default Gateway list to switch to 
the next preferred default gateway, making your network fault tolerant. 


For more information, see “Configuring a Default Gateway (LAN Static Route)” on page 91. 


2.8 Dead Gateway Detection 


This feature is used with the Multiple Default Gateway feature. When the current default gateway 
goes offline, this feature detects the failure and automatically enables the next preferred default 
gateway from the Multiple Default Gateway list to act as the current default gateway. When a dead 
default gateway with a higher preference is again online, this feature detects this and switches back 
to the default gateway with the higher preference. 


For more information, see “Enabling Dead Gateway Detection” on page 94 and “Configuring Dead 
Gateway Detection” on page 94. 


2.8.1 Probe Interval 


This configured parameter lets you fine-tune the performance of the Dead Gateway Detection 
feature by modifying the time interval (in seconds) at which probes are sent to the default gateway to 
determine whether it is functional. 


For more information, see “Configuring the Probe Interval” on page 94. 


2.8.2 Probe Timeout 


This configured parameter sets the time interval (in seconds) after which the next probe is sent to the 
default gateway when no reply is received by the gateway for the previously sent probe. 


For more information, see “Configuring Probe Timeout” on page 95. 
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2.9 Path MTU Black Hole Detection and 
Recovery 


This feature detects a connection failure caused by black hole routers and helps to recover such 
comnections. 


Whenever a router receives a datagram with a Don’t Fragment (DF) bit set in its header and the 
packet size is greater than the next MTU, the router cannot forward the packet. In this case, the 
router sends an ICMP Destination Unreachable DF bit set message to the host. 


However, some routers do not send such a message. Instead, they ignore the datagram. Typically, an 
IP datagram cannot be forwarded because its maximum segment size is too large for the receiving 
server and the Don’t Fragment bit is set in the header of the datagram. Routers that ignore these 
datagrams and send no message are called PMTU black hole routers. Some routers might silently 
drop large frames, even when the DF bit is not set. Firewalls are often misconfigured to suppress all 
ICMP messages. 


To respond effectively to black hole routers, the Novell TCP/IP stack provides a Path MTUBH 
Detect feature, which recognizes repeated unacknowledged transmissions and responds by turning 
off the Don’t Fragment bit. After a datagram is transmitted successfully, the MTUBH Detect feature 
reduces the maximum segment size and turns the Don’t Fragment bit on again. 


The feature specifies the maximum transmission unit size of an interface. Each media type has a 
maximum frame size that can’t be exceeded. The Link layer is responsible for discovering this MTU 
and reporting it to the protocols above it. 


For more information, see “Path MTU Black Hole Detection and Recovery” on page 65. 


2.10 Classless IP Addresses 


The Novell TCP/IP stack implements Classless Inter-Domain Routing (CIDR). It is now possible to 
bind to supernetted addresses with non-natural subnet masks. CIDR also allows binding to one or 
more interfaces. The NetWare system bound to a system in a supernetted IP address environment 
acts as an end node. In such a scenario, forwarding is disabled. 


2.11 Non-ARPable Secondary IP Address 


This feature lets you add a secondary IP address that does not reply to any of the ARP requests 
coming from the network. 


For more information, see Section 5.15, “Secondary IP Address,” on page 111. 


2.12 TCP Defend Fin Attack 


TCP Defend Fin Attack provides a simple, single-tuning option, the Minimum Threshold parameter. 
In the TCP stack, the wait states (FIN_WAIT1, FIN WAIT2, CLOSED WAIT, LAST ACK and 
CLOSING) are arranged in ascending order of importance by determining which of the states are 
less risky to terminate. The order is static. 
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The stack assumes that there is no risk in terminating all connections in a less important state. 
According to the arrangement of states, if a less important connection is overusing resources, then it 
is selected. Alternately, if an important state is overusing resources and the less important states do 
not dominate, 1t would be selected for reset only. At any given point in time, a Minimum Threshold 
number of connections are permitted. 


For more information, see “TCP Defend Fin Attacks” on page 69. 


2.13 NIC Teaming 


INETCFG (inetcfg.nlm) is an Internetworking Configuration utility for the NetWare server. 
inetcfg.nlm It is a server console utility that provides menus for configuring LAN boards, protocols, 
and bindings. In NetWare 6.5, INETCFG supports the configuration of NIC teaming solutions 
provided by third-party drivers such as Compaq* and Dell*. 


Teaming is logically grouping the NICs so that they appear to the operating system as just one 
network interface. The benefits include gaining extra network bandwidth and not needing to deal 
with multiple NIC addresses. Instead, you can assign a single “virtual” IP address to a team of 
adapters. Teaming is effective in cases where you install two or more NICs in a server. 


Most teaming solutions come with failover protection. Teaming allows your network to tolerate the 
failure of one or more adapters within a group, thus offering high availability. In addition, this kind 
of fault tolerance can be configured to work with complete transparency. The remaining NICs in the 
team continue to work if another card stops working or if a cable is disconnected. 


2.14 Default IP Address 


A default IP address is one of the Primary IP addresses configured as the default on the server. If a 
default IP address is not configured, the TCP/IP stack assigns the first bound IP address on the 
server as the default IP address. 


For more information, see Section 5.14, “Default IP Address,” on page 110. 


2.15 Pragmatic General Multicast 


Pragmatic General Multicast (PGM) is a reliable multicast transport protocol. It runs on IP with 
protocol number 113. The API provided to the applications which wants to use PGM is the standard 
BSD sockets interface. 


PGM can be used by applications for transferring a file from one host to a set of hosts that have 
joined the multicast group. It can be used to reduce the distribution time of the data and to reduce the 
load on the distributor. 


To use PGM, the underlying network should be multicast enabled. 


2.16 Command Line Utilities 


NetWare 6.5 provides the following command line utilities: 


+ ARP (page 42) 
+ IFCONFIG (page 42) 
+ NETSTAT (page 42) 
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+ 


NWPING (page 42) 
NWTRACE (page 42) 
ROUTECON (page 43) 
WHOIS (page 43) 


+ 


+ 


+ 


2.16.1 ARP 


Manipulates the system ARP cache. To use this utility, enter the following at the server console: 
arp [-n] -i interface name hostname 
arp [-n] -aarp -d -i interface name hostname 


arp -d -aarp -s -i interface name hostname ether addr [templarp -S -i 
interface name hostname ether addr [templarp -f filename 


2.16.2 IFCONFIG 


Configures network interface parameters. To use this utility, enter the following at the server 





console: 
ifconfig interface name [create] [address family] [address[/prefixlength]] 
[parameters] ifconfig interface name destroy ifconfig -a [-d] [-u] 





[address family] 


ifconfig -1 [-d] [-u] [address family] 


2.16.3 NETSTAT 


Prints network connections, routing tables, interface statistics, and protocol statistics. To use this 
utility, enter the following at the server console: 


netstat [-aLn] [-f address family]netstat [-rn] [-f address family]netstat [- 
bdi] [-I interface] -w wait 


netstat [-p protocol] 


netstat [-s] [-f address family] [-i] [-I interface name] 


2.16.4 NWPING 


Sends ICMP ECHO REQUEST packets to network hosts. To use this utility, enter the following at 
the server console: 


nwping [-afnq] [-c count] [-i wait] [-1 preload] [-p pattern] [-s packetsize] 
[-S src addr] [host] 


2.16.5 NWTRACE 


Prints the routes that packets take to reach the network host. To use this utility, enter the following at 
the server console: 


nwtrace [-Snrv] [-g gw host] [-M min ttl] [-m max ttl] [-p port] [-q nqueries] 
[-s src addr] [-w waittime] host [packetlen] 
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2.16.6 ROUTECON 


This utility can be used to manually manipulate the routing tables. To use this utility, enter the 
following on the server console: 


route route [-nqv] command [[modifiers] args] route [-n] monitor route [-n] 
flush [family] 


2.16.7 WHOIS 


Provides the internet domain name and network number directory service. To use this utility, enter 
the following at the server console: 


whois [-adgimpOrR6] [-h host] name 





TIP: For additional help on any of these commands use [command] -help option at the server 
console. For example, arp -help. 
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Setting Up Novell TCP/IP 


This section describes how to set up the basic components of Novell® TCP/IP. 


You can use the Web-based ® Novell Remote Manager utility (ni rman .n1m) or the INETCFG utility 
to configure the TCP/IP stack. With NetWare 6.5, the two utilities, Novell Remote Manager and 
INETCFG, co-exist. You can use only one of the utilities at a time on a server. However, the changes 
made through one are reflected in the other. During a particular time interval, only one user can 
access the Web-based TCP/IP configuration tool. 


The following topics are included: 


¢ Section 3.1, “Logging In to Novell Remote Manager,” on page 45 
+ Section 3.2, “Loading INETCFG,” on page 46 

¢ Section 3.3, “Configuring a Server,” on page 46 

+ Section 3.4, “Configuring Boards,” on page 47 

+ Section 3.5, “Configuring TCP/IP,” on page 54 

¢ Section 3.6, “Binding Protocols,” on page 56 

¢ Section 3.7, “TCP/IP to Interface Bindings,” on page 56 

¢ Section 3.8, “Viewing TCP/IP Configuration,” on page 57 

+ Section 3.9, “Managing Configurations,” on page 58 


+ Section 3.10, “Options for Reinitializing,” on page 59 


3.1 Logging In to Novell Remote Manager 


1 Open a Web browser and type http: //Server IP address:8008 in the Address field. 
A security alert message displays. 

2 Click Yes to proceed. 
The Novell Remote Manager login screen displays. 


3 Enter the administrator username and password in the login screen to log in to the Novell 
Remote Manager utility. 


3.1.1 Using the TCP/IP Configuration Utility 


While using the TCP/IP Configuration utility in Novell Remote Manager, keep the following 
considerations in mind for all transactions. 


* Click Start TCP/IP Configuration and navigate through the screens. This marks the beginning 
of a transaction. 


* Click Exit TCP/IP Configuration to end the transaction. 





TIP: When you click Exit, the snap-in is available for other users. You can also now load 
INETCFG on the server. 
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+ When you finish making changes to any one of the inner screens, you are prompted to return to 
the TCP/IP Configuration Menu window. 


+ If you click Cancel in any window, the changes made to that window are ignored and you are 
prompted to return to the previous window. 

+ While you are in a transaction, do not close the browser window, click any other link in the left 
pane, or submit requests from previous pages in the browser's history. 


+ Take a maximum of 10 minutes to make the changes on a window. Otherwise, the entire 
transaction becomes invalid. You can modify this period by changing the set parameter 
NIRMan Transaction Time-out Period. 


3.2 Loading INETCFG 


To load INETCFG, enter the following at the server prompt: 
inetcfg 


The Internetworking Console interface is displayed. For the next set of operations you need to select 
options in this interface. 


3.3 Configuring a Server 


1 Click Configure TCPIP in the left pane of Novell Remote Manager to display the TCP/IP 
Configuration window. 


Figure 3-1 TCP/IP main window 
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The TCP/IP Configuration window initiates a new session (transaction) to help you configure a 
server. 
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2 Click the Start TCP/IP Configuration link to display the TCP/IP Configuration menu window. 


Figure 3-2 TCP/IP Configuration menu window 


ZÀ TCP/IP Configuration Menu - Microsoft Internet E 


TCP/IP Configuration Menu 
Configuration Menu 


Configure Boards 


Configure TCP/IP 
TCP/IP to interface Bindings 


Manage Configuration 
View Configuration 
Reinitialize Options 


Exit | 


| JĄ (49 Internet 








The following options are available in this window: 
+ Configuring Boards (page 47) 
+ Configuring TCP/IP (page 54) 
+ TCP/IP to Interface Bindings (page 56) 
+ Managing Configurations (page 58) 
¢ Viewing TCP/IP Configuration (page 57) 
+ Options for Reinitializing (page 59) 


3.4 Configuring Boards 


Configuring, or reconfiguring, a board involves choosing a driver for the board, assigning a name to 
the board, and configuring the board parameters. 


When you select and configure a LAN board, you are actually configuring one or more physical 
interfaces that correspond to individual connections over which packets are routed. Configuring a 
board causes the driver associated with the board to load each time you initialize the router. 


Most drivers that are compatible with NetWare” software have a driver description file that defines 
the hardware parameters necessary for the driver to operate with the board you select. This file, 
sometimes called the .1di file, also specifies the valid range of values for each parameter. If a driver 
has a .1di file, the parameters associated with that driver are presented in the Board Configuration 
menu; you simply choose a value for each parameter. If a driver has no 1di file, you must enter the 
required values in the Board Parameters field. 


You can configure a board by using Novell Remote Manager or INETCFG. 


+ Section 3.4.1, “Using Novell Remote Manager to Configure a New Board,” on page 48 
+ Section 3.4.2, “Using INETCFG to Configure a Board,” on page 51 


Setting Up Novell TCP/IP 


47 


3.4.1 Using Novell Remote Manager to Configure a New Board 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration. 


The TCP/IP Configuration menu window is displayed. 
2 Click Configure Boards to display the List of Configured Boards window. 


Figure 3-3 List of Configured Boards Window 
A Configured Boards : TCPIP-IPMGMT - Microsoft Internet Explorer 


List of Configured Boards 


Board Name Driver Interrupt 1/0 Base Memory Base Slot Status Comment 
CE100B_1 CE100B - - - 3 | Enabled y] Transferred from AUTOEXEC.NCF 


CE100B_2 CE100B - = = 5 |Enabled +] 


Save | Cancel | Ada | Reset 








[EE Local intranet 


[Æ] javascript:5ubmitModify( CE100B_2') 


The List of Configured Boards window helps you configure new boards and change properties 
of preconfigured boards. 

You can enable or disable the status of a board. 

If you are doing a new configuration, no existing boards is shown. Otherwise, boards that have 
already been configured are shown. 


3 Click Add to display the Select a Driver window. 
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Figure 3-4 Select a Driver Window 
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4 Scroll through the list of available drivers and select the driver that corresponds to the type of 
new LAN board you are installing in your system. If the driver you need is not in the list, you 
need to manually copy the required driver from a diskette to the sys: system or 
\nwserver\drivers directory. 
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To add a driver to the list of available drivers, insert the diskette containing the driver in one of 
the disk drives, enter the complete path and filename of the driver at the server console (for 
example, a: \newdrv\driver). The driver and its description file, if any, are copied into the 
sys:/system OT /nwserver/drivers directory. 


5 Click any driver_name under Driver to display the New Board Configuration board_name 
window. 


You can enter the following information in this window: 
+ Board Name: Name you assign to the board 
+ Driver: Name of the driver associated with the board 
¢ Int: Interrupt request level (IRQ) used by the board 
+ IOAddr: Base input/output port address for the board 
+ memAddr: Base memory address used by the board 
+ Slot: Number of the slot where the board is installed 
¢ Status: Status of the board, which is Enabled by default 
+ Comment: Any comments that you enter about the board or its configuration 


NOTE: Not every board-driver configuration requires all this information; the number of 
parameters displayed is specific to each board. 





6 Use the online help to enter the required details that are specific to each board. 
7 Click Save > Back to save your changes and return to the List of Configured Boards window. 


The List of Configured Boards window now shows the board you just configured. Note that the 
board status is Enabled; you can toggle between Enabled and Disabled. To ensure that the 
board is loaded, continue with the next step. 


8 Click Save to save your changes and return to the TCP/IP Configuration Menu window. 


After a data-link protocol has been associated with the board, click Reinitialize System or 
restart the router to make the changes take effect. 


If there are any conflicts with the hardware parameters of other boards, one or more messages 
describe them. You must determine whether the conflicts are acceptable or whether they 
interfere with the operation of the router and, if necessary, resolve them. 


LAN boards with a single network interface need no further configuration; however, an 
enabled driver is not loaded unless a protocol is bound to it. 


You can also use Novell Remote Manager to modify or delete an existing board. 
+ “Modifying Existing Board's Configuration” on page 50 
+ “Deleting a Board” on page 51 

Modifying Existing Board's Configuration 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure Boards. 
2 In the List of Configured Boards window, click any board_name under Board Name. 


The Board Modification [board_name] window is displayed. 
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Figure 3-5 Board Modification [board_name] Window 


A Configured Boards : TCPIP-IPMGMT - Microsoft Internet Explorer -loj xi 
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3 Change the required parameters. The Board Name cannot be modified. 
4 Click Save > Save to save your changes and return to the TCPIP Configuration Menu window. 


5 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


Deleting a Board 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure Boards > board name under Board Name. 
The Board Modification [board name] window is displayed. 

2 Click Delete. The system displays the following message: 
BINDs to interfaces on this board will also be deleted. Proceed? 


3 Click OK to delete the board. 


3.4.2 Using INETCFG to Configure a Board 


1 At the server console, enter INETCFG, then click Boards. 





The Internetworking Console interface is displayed. For the next set of operations, you need to 
select options 


2 (Conditional) If you are configuring a new board: 
2a Press the Insert key to display the list of available drivers. 


2b Scroll through the list of available drivers and select the driver that corresponds to the type 
of new LAN board you are installing in your system. If the driver you need is not in the 
list, refer to “Adding a New Board Driver or NLM File to Your System” on page 53. 


3 (Conditional) If you are changing an existing board configuration: 


3a Select that board. 
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3b Press Enter to see the configured parameters of the board. 
3c Change the required parameters. (The name cannot be changed.) 
The Configured Boards screen is displayed. 


If you are doing a new configuration, no existing boards are shown. Otherwise, boards that 
have already been configured are shown. 


The Configured Boards screen displays a list of configured boards with some or all of the 
following information: 


+ Board Name: Name you assign to the board. 

+ Driver: Name of the driver associated with the board. 

¢ Int: Interrupt request level (IRQ) used by the board. 

+ IOAddr: Base input/output port address for the board. 

+ MemAddr: Base memory address used by the board. 

+ Slot: Number of the slot where the board is installed. 

+ Status: Status of the board, which is Enabled by default. 

+ Comment: Any comments that you enter about the board or its configuration. 


Not every board-driver configuration requires all this information; in fact, some 
configurations require other link-specific parameters that are not shown in the Configured 
Boards screen. These parameters are displayed in the Board Configuration menu, as 
described in the following steps. 


If the board driver has a .1di file, the parameters you need to configure for the board are 
displayed as separate fields in the menu. 


If the board driver has no .1di file, only the Board Name, Board Parameters, and 
Comment fields are provided as a means for entering the parameters manually. 


4 Specify the board parameters by doing one of the following: 


+ Ifthe driver selected has a description file, the parameters are listed as separate fields. You 
must select each field one at a time and select the appropriate value for the parameter from 
the displayed list. 





TIP: Use the context-sensitive help text if you need an explanation of any parameter. 
Select the parameter and press F1 to display the help text. Press Esc to exit the help screen. 
When in doubt, accept the default values. 





¢ Ifthe driver selected does not have a description file, the Board Configuration Without A 
Driver Description File menu is displayed. You must type the parameters in the Board 
Parameters vfield; use the following as an example: 


PORT=300 INT=3 
These parameters are appended to the LOAD driver line. 
5 Press Esc to return to the Configured Boards screen; save your changes when prompted. 


The Configured Boards screen now shows the board you just configured. The board status is 
Enabled; you can use the Tab key to toggle between Enabled and Disabled. To ensure that the 
board is loaded, continue with Step 6. 


6 Press Esc to return to the Internetworking Configuration menu; save your changes when 
prompted. 
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7 After a data-link protocol has been associated with the board, select Reinitialize System or 
restart the router to make the changes take effect. 


If there are any conflicts with the hardware parameters of other boards, one or more messages 
describe them. You must determine whether the conflicts are acceptable or whether they 
interfere with the operation of the router and, if necessary, resolve them. 


LAN boards with a single network interface need no further configuration; however, an 
enabled driver is not loaded unless a protocol is bound to it. 


You can also use INETCFG to add a board driver, or to enable or disable a board. 


+ “Adding a New Board Driver or NLM File to Your System” on page 53 
+ “Enabling or Disabling a Board” on page 53 
+ “Deleting a Board” on page 53 


Adding a New Board Driver or NLM File to Your System 
1 Load INETCFG, then click Boards. 


2 Press Insert to display the list of available drivers. 
3 Press Insert again. 

All the available Novell certified drivers appear on the screen. 
4 Select the driver, then press Enter. 


You can also use this screen for copying drivers and NLM files from a diskette to the 
sys: (system directory. 


To add a driver to the list of available drivers, insert the diskette containing the driver in one of 
the disk drives, specify the complete path and filename of the driver (for example, 

a: \newdrv\driver) and then press Enter. The driver and its description file are copied into 
the sys : system directory. (The file extension is not required.) 


5 Configure the new board as described in “Using INETCFG to Configure a Board” on page 51. 


Enabling or Disabling a Board 


1 Load INETCFG, then click Boards. 
2 Select the board you want to enable or disable and press the Tab key. 
The screen displays the board’s new status (Enabled or Disabled). 





IMPORTANT: If you disable a board that uses an AIO or CAPI driver and you reinitialize the 
system, then all other boards that use the same driver are also disabled. If this happens, you 
must restart the server to reload all instances of the driver that were loaded for another product 
in autoexec.ncf (without INETCFG). However, the board loaded in autoexec.ncf remains 
inoperable until you restart the server or until you enter the LOAD command at the console and 
reinitialize the system. To avoid this problem, use INETCFG to load both drivers. 





3 Press Esc to return to the Internetworking Configuration menu. 


Deleting a Board 


1 Load INETCFG, then click Boards 
2 Select the board you want to delete and press the Delete key. 
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A message is displayed indicating that deleting the board also deletes all existing binds to the 
board’s interfaces. 


3 When prompted, select Yes to delete the board. 
The board is removed from the list of configured boards. 
4 Press Esc to return to the Internetworking Configuration menu. 


5 Reinitialize system for the changes to take place. 


3.5 Configuring TCP/IP 


You can use Novell Remote Manager or INETCFG to configure the TCP/IP protocols. 


¢ Section 3.5.1, “Using Novell Manager,” on page 54 
¢ Section 3.5.2, “Using INETCFG,” on page 56 


3.5.1 Using Novell Manager 


1 Click Configure TCP/IP in the TCP/IP Configuration Menu window to display the TCP/IP 
Protocol Configuration window. 
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Figure 3-6 TCP/IP Protocol Configuration Window 
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The TCP/IP Protocol Configuration window helps you to configure the TCP/IP related 
properties of the stack. 


The functionality of this window is the same as the INETCFG screens. However, some of the 
INETCFG screens have been merged into one window here. Some of the important fields are 
described here: 


Generic Configuration: These are the general properties of TCP/IP. The Routing 
Configuration properties related to OSPF, RIP and LAN static can be set here. You can also set 
the default IP address of the machine from among the configured IP addresses. 


Expert Configuration: These properties are related to specific features of the stack, such as 
load balancing, fault tolerance, outbound VIPA support and filtering. The user can configure 
any of these to suit the needs of the scenario that the stack is running in. 


The View/Modify tab is provided in some of the fields to further view or modify the particular 
properties. 


Select the settings you want, then click Save to save the settings and exit the window. 
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3.5.2 Using INETCFG 


1 Load INETCFG, then click Protocols. 
2 Select TCP/IP from the list of protocols. 
3 Inthe TCP/IP screen, enable or disable the following: 
+ TCP/IP 
+ IP Packet Forwarding 
+ OSPF 
+ LAN Static Routing 
+ Dead Gateway Detection 
+ SNMP Manager 
+ DNS Resolver 
+ Load Balancing 
¢ Fault Tolerance 
¢ Filter Support 
+ NAT Implicit Filtering 
+ Expert Configuration 


3.6 Binding Protocols 


1 Load INETCFG, then click Binding. 
2 Select a protocol. 


You need to enter data in terms of Protocol, Interface/Group, Status and Identifier. There might 
be instances when you need to enter data in the screens still to come and that is reflected here. 


3 Enter the relevant parameter information in the Binding TCP/IP to a LAN interface screen, then 
click Configure TCP/IP Bind options. 


4 Either set both the Group Interface for LB/FT and Set as Primary Interface to Yes or set the first 
one to No. 


Setting the first to No enables RIP Bind Options, OSPF Bind Options and Expert TCP/IP Bind 
Options. Choose the relevant screen and enter the data into it. 


3.7 TCP/IP to Interface Bindings 


1 Click the TCP/IP to interface Bindings link in the TCP/IP Configuration Menu window to 
display the List of Configured Bindings for TCP/IP window. 
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Figure 3-7 List of Configured Bindings for TCP/IP Window 
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This List of Configured Bindings for TCP/IP window helps you to configure new or 
preconfigured TCP/IP bindings, local IP addresses, subnet mask, and the secondary IP address 
of a binding. It also helps you to configure other binding options, such as: 


+ RIP 

+ OSPF 
* ARP 
* NAT 


This window displays the list of already configured bindings, their interface name, status, and 
the bound IP address. 


2 Click any of the entries under Interface to modify the properties of that particular binding. 
3 Click Add to add a new binding. 


3.8 Viewing TCP/IP Configuration 


1 Click the View Configuration link in the TCP/IP Configuration Menu window to display the 
View Configuration Menu window. 


Figure 3-8 View Configuration Menu Window 
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The View Configuration window displays the configuration of all the boards and TCP/IP and 
individual bindings on a server. 


The following options are available in this window: 
+ AIIINETCFG Commands: Displays all the INETCFG generated commands. 
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LAN Board Commands: Displays all the load and bind commands related to the 
configured LAN boards. 


WAN Board Commands: Displays all the load and bind commands related to the 
configured WAN boards. 


Protocol Commands: Displays all the load commands related to the TCP/IP protocol. 


Protocol Bind Commands: Displays all the bind commands related to the TCP/IP 
protocol. 


Configure Summary: Displays a summary of all the server configurations. 


Console Messages: Displays all the configuration-related console messages listed on the 
server. 


Load commands are used to load a particular board or protocol. Bind commands are used to 
configure a particular binding on a board with a protocol. 


2 Then click Save to save the settings and exit the window. 


3.9 Managing Configurations 


1 Click the Manage Configuration link in the TCP/IP Configuration Menu window to display the 
Manage Configuration Menu window. 


Figure 3-9 Manage Configuration Menu Window 
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The Manage TCP/IP Configuration window helps you to manage your existing server 
configurations. 


The following options are available in this window: 


+ 


+ 


+ 


Configure SNMP Parameters: Lets you enter parameters for snmp .nlm. 


Export Configuration: Lets you export the existing server configuration files to a 
specified location on the NetWare server. 


Import Configuration: Lets you import a configuration file and merge it with the 
existing configuration files. 


Configure Remote Console Access: Lets you set the username and password for 
remotely accessing the server. 


Edit AUTOEXEC.NCE: Lets you edit and save the autoexec.ncf file. 


2 After you finish changing the settings, click Save to save the settings and exit the window. 
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3.10 Options for Reinitializing 


1 Click the Reinitialize Options link on the TCP/IP Configuration Menu window to display the 
Reinitialize Options window. 


Figure 3-10 Reinitialize Options Window 
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The Reinitialize Options window helps you to see the effect of the changes made in the 
previous windows or to activate the recent changes made to the stack. You can do the following 
here: 


+ Reinitialize System keeps your server running and makes the changes. 


+ Restart Serverreboots the machine and displays the effect of the changes. 
To activate your system: 
1 Click Reinitialize System. 


The system prompts you with the message: 


Do you want to continue? 
2 Click OK in the dialog box. 


This process takes a few seconds and meanwhile, the system displays the following message in 
progress as shown in the figure: 


Figure 3-11 Reinitialize System - in Progress message box 


E] TCP/IP Configuration - Microsoft Internet Explorer 


Reinitialize System 


The current configuration is being activated and PKI 
Certificates are being created for any new IP Addresses 
that have been bound. PKI Certification creation will take 
a few minutes. 


This pages refreshes automatically, Please wait, 








[F Connecting to site 16 || | [B [© Internet 


After the process is complete, the system displays the following message: 
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Figure 3-12 Reinitialization System - Process complete message box 
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Log file for PKI certificate creation: Sun Aug 4 15:33:18 2002 
PKI Certificate creation for IP Address 172.16.1.1 was successful, 


"END 


ox] 


„Ad 
3 This message displays the PKI certificate creation for the available IP address. 
4 Click OK to return to the Reinitialize window. 

To restart the server: 


1 Click Restart Server in the Reinitialize Options window. The system prompts you with the 
following message: 


Do you want to continue? 


2 Click OK to restart the server. 
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SET Parameters 


This section discusses how to use SET parameters to change some of the default parameters or to 
enable or disable the various features provided in Novell® TCP/IP stack. 


Configuration Using SET Options: The following SET options allow you to configure certain 
parameters from the command line on the host. The SET options are entered at the server console as 
commands, and the configuration changes made this way are applied to the whole system rather than 
to an individual interface. 


+ 


+ 


+ 


Section 4.1, “ARP Cache Stale Timeout,” on page 62 

Section 4.2, *ARP Cache Update Timeout,” on page 62 

Section 4.3, “BSD Socket Default Buffer Size,” on page 62 

Section 4.4, “Discard Oversized Ping Packets,” on page 63 

Section 4.5, “Discard Oversized UDP Packets,” on page 63 

Section 4.6, “IP Address Duplicates,” on page 63 

Section 4.7, “IP Load Sharing,” on page 63 

Section 4.8, “Large Windows,” on page 64 

Section 4.9, “Largest Ping Packet Size,” on page 64 

Section 4.10, “Largest UDP Packet Size,” on page 64 

Section 4.11, “Maximum Packet Receive Buffers,” on page 64 

Section 4.12, “Maximum Pending TCP Connection Requests,” on page 64 
Section 4.13, “Minimum Packet Receive Buffers,” on page 65 

Section 4.14, “Path MTU Black Hole Detection and Recovery,” on page 65 
Section 4.15, “PGM Data Ambient SPM Ratio,” on page 65 

Section 4.16, *PGM Last Packet Timer Time," on page 65 

Section 4.17, “PGM Maximum Burst Rate,” on page 66 

Section 4.18, “PGM Maximum Burst Time,” on page 66 

Section 4.19, “PGM Minimum Inter-Heartbeat Time,” on page 66 
Section 4.20, “PGM Maximum Cumulative Transfer Rate,” on page 66 
Section 4.21, “PGM Maximum Inter-Heartbeat Time,” on page 66 
Section 4.22, “PGM NAK Random Back-off Time,” on page 67 
Section 4.23, “PGM NAK Retries for RDATA,” on page 67 

Section 4.24, “PGM NAK Retries for NCF,” on page 67 

Section 4.25, “PGM NCF Wait Time,” on page 67 

Section 4.26, “PGM Packet Size,” on page 67 

Section 4.27, *PGM RDATA Wait Time,” on page 68 

Section 4.28, “PGM Receive Fin Timer Time,” on page 68 

Section 4.29, “PGM Sender TTL,” on page 68 
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+ Section 4.30, “PGM Transit Window Advance Time,” on page 68 
+ Section 4.31, “PGM Transit Window Size,” on page 68 

+ Section 4.32, “RIP II Aggregation of Routes,” on page 69 

¢ Section 4.33, “Selective Acknowledgement,” on page 69 

+ Section 4.34, “TCP Diagnostic Services,” on page 69 

+ Section 4.35, “TCP Defend Fin Attacks,” on page 69 

+ Section 4.36, “TCP Defend Land Attacks,” on page 69 

+ Section 4.37, “TCP IP Maximum Small ECBs,” on page 70 

+ Section 4.38, “TOS Value,” on page 70 

+ Section 4.39, “NIRMan Transaction Time-out Period,” on page 70 
+ Section 4.40, “UDP Minimum Port limit,” on page 70 

¢ Section 4.41, “UDP Maximum Port Limit,” on page 71 

+ Section 4.42, “TCP Minimum Port Limit,” on page 71 

+ Section 4.43, “TCP Maximum Port Limit,” on page 71 

+ Section 4.44, “Preserve Secondary IP Address,” on page 71 


4.1 ARP Cache Stale Timeout 


Syntax set arp entry expiry time = n 


Description: Specifies a timeout period (in seconds) for a cache table entry to be removed 
from the ARP cache table if the entry has not been used for some time. 


Range: 240 to 14400 (seconds) 
Default: 300 


4.2 ARP Cache Update Timeout 


Syntax: set arp entry update time = n 


Description: Specifies a timeout period for a cache table entry to be removed from the 
ARP cache table if the entry has not been updated. 


Range: 240 to 14400 (seconds) 
Default: 300 


4.3 BSD Socket Default Buffer Size 


Syntax: set bsd socket default buffer size in bytes = n 
Description: Sets the BSD Socket default send and receive buffer sizes. 
Range: 4096 to 1073741824 (bytes) 
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Default: 


32768 


4.4 Discard Oversized Ping Packets 


Syntax: 


Description: 


Range: 


Default: 


set discard oversized ping packets = string 


Enables or disables discarding ping packets of size larger than the current 
ping packet size that is set to be received. 


On | Off 
On (enabled) 


4.5 Discard Oversized UDP Packets 


Syntax: 


Description: 


Range: 


Default: 


set discard oversized udp packets = string 


Enables or disables discarding UDP packets of size larger than the current 
ping packet size that is set to be received. 


On | Off 
On (enabled) 


4.6 IP Address Duplicates 


Syntax: 


Description: 


Range: 


Default: 


set allow ip address duplicates = string 


Binds the IP address even if it conflicts with another node in the network. 
(TCP/IP normally will does not allow you to bind IP addresses that conflict 
with other nodes in the network.) 


On | Off 
Off (disabled) 


4.7 IP Load Sharing 


Syntax: 


Description: 


Range: 


Default: 


set ip load sharing = string 


The flag is effective for a network only if the Load Balancing is disabled for 
the network. 


On | Off 
On (enabled) 
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4.8 Large Windows 


Syntax: set tcp large window option = string 
Description: Enables or disables the Large Window option. 
Range: On | Off 

Default: On (enabled) 


4.9 Largest Ping Packet Size 


Syntax: set largest ping packet size = n 

Description: Sets the size of the largest ping packet that can be received. 
Range: 0 to 36992 (bytes) 

Default: 10240 


4.10 Largest UDP Packet Size 


Syntax: set large udp packet size = n 

Description: Sets the size of the largest UDP packet that can be received. 
Range: 0 to 36992 (bytes) 

Default: 33792 


4.11 Maximum Packet Receive Buffers 


Syntax: set maximum packet receive buffers = string 
Description: Allocates the maximum packet receive buffers to the server. 


This option can be set in the autoexec.ncf file. You can also use this 
option to fine-tune the server when it is stressed. 


Range: 50 to 3303820 (packets) 
Default: 10000 


4.12 Maximum Pending TCP Connection 


Requests 
Syntax: set maximum pending tcp requests = n 
Description: Sets the maximum number of pending TCP connections. 
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Range: 128 to 4096 
Default: 128 


4.13 Minimum Packet Receive Buffers 


Syntax: set minimum packet receive buffers = string 
Description: Allocates the minimum packet receive buffers to the server. 


This option can be set in the autoexec.ncf file. You can also use this 
option to fine-tune the server when it is stressed. 


Range: 10 to 32768 (packets) 
Default: 2000 


4.14 Path MTU Black Hole Detection and 
Recovery 


Syntax: set tcp path mtu black hole detection and recovery = string 

Description: Enables or disables the Path MTU Black Hole Detection and Recovery 
option. 

Range: On | Off 

Default: Off (disabled) 


4.15 PGM Data Ambient SPM Ratio 


Syntax: set pgm data ambient spm ratio = n 

Description: Number of data packets after which an ambient SPM should be sent 
Range: 1 to 10 

Default: 4 


4.16 PGM Last Packet Timer Time 


Syntax: set pgm last packet timer time = n 


Description: Time (in milliseconds) to wait before declaring that the last packet in the 
stream is lost 


Range: 50 to 1000 
Default: 600 
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4.17 PGM Maximum Burst Rate 


Syntax: set pgm maximum burst rate = n 

Description: Maximum burst rate (in bytes/sec) for a PGM sender 
Range: 1000 to 500000000 

Default: 250000 


4.18 PGM Maximum Burst Time 


Syntax: set pgm maximum burst time = n 

Description: Maximum burst time (in PGM ticks) for a PGM sender 
Range: 1to 10 

Default: 3 


4.19 PGM Minimum Inter-Heartbeat Time 


Syntax: set pgm minimum inter-heartbeat time = n 

Description: Minimum inter-heartbeat time (in milliseconds) for a PGM sender 
Range: 10 to 1000 

Default: 50 


4.20 PGM Maximum Cumulative Transfer Rate 


Syntax: set pgm maximum cumulative transfer rate = n 
Description: Maximum Transfer Rate (in bytes/sec) for a PGM sender 
Range: 1000 to 25000000 

Default: 125000 


4.21 PGM Maximum Inter-Heartbeat Time 


Syntax: set pgm maximum inter-heartbeat time = n 

Description: Maximum inter-heartbeat time (in milliseconds) for a PGM sender 
Range: 40 to 4000 

Default: 2000 
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4.22 PGM NAK Random Back-off Time 


Syntax: 
Description: 
Range: 


Default: 


set pgm nak random back-off time = n 

Random back-off interval (in milliseconds) before sending NAKs 
10 to 500 

100 


4.23 PGM NAK Retries for RDATA 


Syntax: 


Description: 


Range: 


Default: 


set pgm nak retries for rdata = n 


Number of NAK data retries before declaring an unrecoverable data error for 
a PGM receiver 


2 to 10 
5 


4.24 PGM NAK Retries for NCF 


Syntax: 
Description: 
Range: 


Default: 


set pgm nak retries for ncf = n 

Number of NAK retransmissions without getting NCF 
2 to 10 

5 


4.25 PGM NCF Wait Time 


Syntax: 
Description: 
Range: 


Default: 


set default value of nak retransmission timeout for pgm receiver = n 
NAK retransmission timeout (in milliseconds) for a PGM receiver 
10 to 500 

100 


4.26 PGM Packet Size 


Syntax: 
Description: 
Range: 


Default: 


set pgm packet size = n 

Size (in bytes) of outgoing PGM data packets 
200 to 5000 

1200 
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4.27 PGM RDATA Wait Time 


Syntax: set pgm rdata wait time = n 

Description: Time (in milliseconds) after which NAK will be sent again if RDATA is not 
received 

Range: 10 to 500 

Default: 10 


4.28 PGM Receive Fin Timer Time 


Syntax: set pgm receive fin timer time = n 
Description: Receive Fin Timer Time (in milliseconds) 
Range: 200 to 5000 

Default: 2000 


4.29 PGM Sender TTL 


Syntax: set pgm sender ttl = n 

Description: TTL (in ) for outgoing PGM packets 
Range: 1to 10 

Default: 2 


4.30 PGM Transit Window Advance Time 


Syntax: set pgm transmit window advance time = n 

Description: Interval (in milliseconds) after which the PGM sender window will be 
advanced 

Range: 10 to 5000 

Default: 400 


4.31 PGM Transit Window Size 


Syntax: set pgm transmit window size = n 
Description: Size of send windows (in milliseconds) for a PGM sender 
Range: 100 to 20000 
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Default: 


2000 


4.32 RIP II Aggregation of Routes 


Syntax: 


Description: 


Range: 


Default: 


set rip2 aggregation override = on | off 


If this option is set to On, the server does not aggregate subnet routes in the 
routing updates while crossing network boundaries 


On | Off 
Off (disabled) 


4.33 Selective Acknowledgement 


Syntax: 
Description: 
Range: 


Default: 


set tcp sack option = string 

Enables or disables the SACK option 
On | Off 

On (enabled) 


4.34 TCP Diagnostic Services 


Syntax: 


Description: 


Range: 


Default: 


set tcp udp diagnostic services = string 


Enables or disables the echo, discard, and chargen TCP diagnostic services 
on the NetWare® system. 


On | Off 
Off (disabled) 


4.35 TCP Defend Fin Attacks 


Syntax: 
Description: 
Range: 


Default: 


set maximum wait states = n 

Enables or disables defense against Fin attacks. 
1 to 100000 

0 (disabled) 


4.36 TCP Defend Land Attacks 


Syntax: 


set tcp defend land attacks = string 
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Description: 
Range: 


Default: 


Enables or disables defense against land attacks. 
On | Off 
On (enabled) 


4.37 TCP IP Maximum Small ECBs 


Syntax: 


Description: 


Range: 


Default: 


set tcp ip maximum small ecbs = string 

Changes the maximum number of small ECBs on the server. 

You can also use this option to fine-tune the server when it is stressed. 
512 to 65534 (packets) 

1024 


4.38 TOS Value 


Syntax: 


Description: 


Range: 


Default: 


set tos for ip packets = n 


Specifies a TOS value for all the outgoing IP datagrams through this 
interface. 


Assign a value to set the TOS and the precedence bits of the IP header for 
outgoing packets. To set only TOS bits, use a value between 0 and 15. To set 
the TOS and the precedence bits, use a value between 0 and 127. 


0 to 127 
0 


4.39 NIRMan Transaction Time-out Period 


Syntax: 


Description: 


Range: 


Default: 


set nirman transaction time-out period = n 


Transaction time-out period (in minutes) for NIRMan. The change comes 
into effect the next time you attempt to configure using NIRMan. 


1 to 15 
10 





TIP: If you want to see the current value, do not assign any variable to set the parameter. 





4.40 UDP Minimum Port limit 


Syntax: 


set UDP Min Port Limit = n 
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Description: 


Range: 


Default: 


This is set to modify the lower limit of UDP ephemeral port range. This value 
must be less than or equal to UDP Max Port Limit. This can only be set in the 
startup ncf file. 


1024 to 54999 
1024 


4.41 UDP Maximum Port Limit 


Syntax: 


Description: 


Range: 


Default: 


set UDP Max Port Limit = n 


This is set to modify the upper limit of UDP ephemeral port range. This value 
must be greater than or equal to UDP Min Port Limit. This can only be set in 
the startup ncf file. 


4999 to 54999 
5000 


4.42 TCP Minimum Port Limit 


Syntax: 


Description: 


Range: 


Default: 


set TCP Min Port Limit = n 


This is set to modify the lower limit of TCP ephemeral port range. This value 
must be less than or equal to TCP Max Port Limit. This can only be set in the 
startup ncf file. 


1024 to 54999 
1024 


4.43 TCP Maximum Port Limit 


Syntax: 


Description: 


Range: 


Default: 


set TCP Max Port Limit = n 


This is set to modify the upper limit of TCP ephemeral port range. This value 
must be greater than or equal to TCP Min Port Limit. This can be set in the 
startup ncf file. 


4999 to 54999 
54999 


4.44 Preserve Secondary IP Address 


Syntax: 


Set Preserve Secondary Ipaddress after Reinitialize System = on | off 
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Description: If this option isset to ON, TCPIP makes its best effort to preserve the 
Secondary IP addresses added through using the command add 
secondary ipaddress x.y.z.w after Reinitialize System. If it is set to 
OFF, TCPIP does not make that effort. This can be set in the startup ncf file. 


Range: on | off 


Default: on 
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Configuring Protocols 


The Novell® TCP/IP software provides a set of configurable parameters with which you can modify 
operational characteristics of the Internet Protocol (IP). You can select its routing protocol and 
configure it to run over a LAN. In NetWare® 6.5, configuration over WAN connections is not 
supported. 


To configure IP, you enable the protocol, set its parameters, and bind it to a network interface. You 
can configure all IP parameters from the Novell Remote Manager utility. 


To understand what decisions must be taken before you configure TCP/IP beyond its most basic 
configuration, refer to Appendix A, “Planning Your Advanced Configuration,” on page 139. 





NOTE: The configuration you specify with Novell Remote Manager does not take effect 
automatically. To activate the configuration, save your changes and click Reinitialize Options in the 
TCP/IP Configuration Menu window. 





The following protocol configurations are discussed in this section: 


+ Section 5.1, “RIP,” on page 73 

+ Section 5.2, “OSPF,” on page 79 

¢ Section 5.3, “Static Routes for LANs,” on page 88 

+ Section 5.4, “Load Balancing,” on page 95 

+ Section 5.5, “Fault Tolerance,” on page 97 

+ Section 5.6, “Router Discovery,” on page 98 

+ Section 5.7, “Type of Service (TOS),” on page 100 

+ Section 5.8, “ARP,” on page 102 

+ Section 5.9, “Directed Broadcast Forwarding,” on page 105 
+ Section 5.10, “Source Route Packet Forwarding,” on page 106 
+ Section 5.11, “BOOTP Forwarding,” on page 107 

+ Section 5.12, “EGP,” on page 108 

+ Section 5.13, “Multiple Logical Interfaces,” on page 108 

+ Section 5.14, “Default IP Address,” on page 110 

+ Section 5.15, “Secondary IP Address,” on page 111 

+ Section 5.16, “Virtual IP Address,” on page 113 

+ Section 5.17, “NIC Teaming Solution,” on page 117 


5.1 RIP 


RIP is probably the most common IP routing protocol in use. It is widely available and presents few 
obstacles to interoperability with other IP internetworks, most notably the Internet. 
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RIP performs sufficiently well in small IP internetworks that have simple architectures and few 
routers. However, RIP reveals its limitations in the large, complex internetworks that have become 
common in government and private-sector organizations throughout the world. Its most apparent 
limitations are the following: 


+ All subnets must be contiguous 


+ RIP routes are limited to 15 hops 


To overcome or ease some of these limitations, the internetworking community developed various 
enhancements to RIP. RIP II, for example, is an enhanced version of RIP that supports variable- 
length subnet masks. It carries a field that contains the subnet mask of the destination network. RIP 
II also supports the use of subnet zero, whose addresses were reserved under the original IP 
specification. When configuring RIP on your router, you can run RIP I, RIP II, or both on a single 
interface. 





NOTE: Not all third-party routers support RIP II. 





You can also enable poison reverse on an interface. This is a mechanism that causes RIP to advertise 
a route back through the same path from which it learned the route, but with a hop count of 16, that 
is unreachable. Although poison reverse prevents routing loops, the unreachable routes carried in 
each RIP packet increase the bandwidth consumed by RIP traffic. This increase becomes significant 
in large internetworks. 


RIP enables you to assign a cost value between | and 15 to each network interface you configure. 
This enables you to establish a preferred route according to the type of network media connected to 
the interface. For example, you might want to increase the cost of an interface that uses a slow link 
so that, given the choice, RIP uses the interface to a faster, less costly link. The default cost for each 
interface is 1. Do not increase this value on an interface unless you want to discourage its use as an 
eligible routing path. 


When choosing an IP routing protocol, consider the following guidelines: 
¢ Ifthe IP internetwork is small and uses no routing protocol other than RIP, continue using RIP. 
To configure RIP on the router, see Section 5.1, “RIP,” on page 73. 


However, if the network will continue to grow and perhaps become part of a larger IP 
internetwork, you should consider migrating the network from RIP to OSPF (See Section 5.2, 
“OSPF,” on page 79). 


¢ Ifthe internetwork uses variable-length subnets or has third-party routers that support RIP I, 
use RIP II or OSPF. 


To configure RIP Il, see Section 5.1, “RIP,” on page 73. To configure OSPF, see Section 5.2, 
“OSPF,” on page 79. 


+ Ifthe internetwork has some third-party routers that support RIP II and others that do not, use 
RIP I and RIP II. 


For instructions on enabling RIP I and RIP II simultaneously on a network interface, see 
Section 5.1, “RIP,” on page 73. 


+ [fyou are currently building a large IP internetwork, use OSPF. 


You can also run RIP and OSPF concurrently; for more information, see Section 5.2, “OSPF,” 
on page 79. 
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Use Novell Remote Managerial INETCFG to enable RIP routing on the router as well as to 
configure RIP. 


+ Section 5.1.1, “Using Novell Remote Manager,” on page 75 
+ Section 5.1.2, “Using INETCFG,” on page 78 


5.1.1 Using Novell Remote Manager 
1 Log in to NRM, then click Configure TCPIP > Start TCP/IP Configuration > Configure TCP/ 
IP. 
The TCP/IP Protocol Configuration window is displayed. 


2 To globally enable RIP routing: In the TCP/IP Protocol Configuration window, set RIP to 
Enabled. 


If you want to disable RIP routing on a single interface, set the Status parameter in the RIP bind 
options to Disabled. This action is described in Step 7. 


3 Click Save, then click Back to save your changes and return to the TCP/IP Configuration Menu 
window. Click TCP/IP to interface Bindings. 


The List of Configured Bindings for TCP/IP window is displayed. 
4 Click any of the entries under Interface to modify the properties of that particular binding. 
Figure 5-1 Binding TCP/IP to Board name Interface with IP Address IP_address Window 


A Binding TCP/IP to an Interface - Microsoft Internet Explorer 


Binding TCP/IP to N100_1_EII Interface with IP Address 172.16.1.1 










Status: Enabled | >] 
Local IP Address: fiz2 fie fi ko 
Subnetwork Mask of Connected Network: [255 - [240 — [o fo 
Secondary IP Address Support: View / Modify | 
Configure TCP/IP Bind Options: View / Modify | 


Save | Reset | Delete | Back | 





[E] Done | [B | Internet Z 





5 In the Binding TCP/IP to board name Interface with IP Address /P. address window, click the 
View/Modify button to the right of Configure TCP/IP Bind Options. 
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Figure 5-2 TCP/IP Bind Options of board_name Interface with IP Address IP_ address Window 


J Binding TCP/IP to an Interface - Microsoft Internet Explorer 





TCP/IP Bind Options of N100_1_Ell Interface with IP Address 172.16.1.1 


Group interface for FT: No m 

Set Às Primary Interface: No. —H 
RIP Bind Options: View / Modify | 
OSPF Bind Options: View / Modify | 
Expert TCP/IP Bind Options: View / Modify | 


Reset | Back | z 
E] Done | [Bj [qp Internet » 





6 In the TCP/IP Bind Options to board name Interface with IP Address JP address window, 
click the View/Modify button to the right of RIP Bind Options. 


Figure 5-3 RIP Bind Options of board name Interface with IP Address IP. address Window 


3 Binding TCP/IP to an Interface - Microsoft Internet Explorer 


RIP Bind Options of N100_1_Ell Interface with IP Address 172.16.1.1 


Status: [Enabled ej 
Cost of Interface fi 

Originate Default Route: [Disable:PresentNormalRoutes >| 
Poison Reverse: [Disabled p] 
Split Horizon: [Enabled — i 


Update Time (in seconds): 
Expire Time (in seconds): 
Garbage Time (in seconds): 
RIP Version: 

RIP Mode: 


RIPII Options 


Authentication: sablec 


Authentication Password: 


Reset | Back | l 
E] Done | JĄ (89 Internet a 
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7 In the RIP Bind Options of board name Interface with IP Address /P_ address window, 
configure the following parameters: 


¢ Status: Status of RIP routing on this interface. RIP routing is disabled by default; to 
enable RIP routing only on this interface, select Enabled from the drop-down list. 


+ RIP Version: Version of RIP to use on this interface. Select one of the following options 
from the drop-down list: 


+ RIP I: Standard version of RIP used by most IP routers and end nodes. This is the 
default option. 


+ RIP I & RIP Il: Both versions of RIP. Select this option if your internetwork has 
nodes that support both RIP I and RIP II. 


+ RIP II: Enhanced version of RIP that supports variable-length subnet masks. 

+ RIP Mode: Mode of the RIP version that you selected in RIP Version. 
+ Normal: Causes the router to send and accept RIP packets, RIP I, RIP II, or both. 
+ Receive Only: Causes the router to receive only RIP packets. 


+ Send Only: Causes the router to broadcast, in RIP packets, only the entries in its own 
routing table. 


Some end nodes learn routes only by listening to RIP, even if portions of the internetwork 
run OSPF. Select Send Only if you want the router to broadcast the OSPF routes in its RIP 
I packets so that every end node can learn all available routes. 


The RIP Bind Options window also includes the following parameters: 
+ Cost of Interface 
+ Originate Default Route 
+ Poison Reverse 
¢ Split Horizon 
+ Update Time 
+ Expire Time 
+ Garbage Time 
+ RIP II Options 
IMPORTANT: Because the default settings for these parameters are suitable for most IP 


networks, you should change them only for a specific purpose. Incorrectly configuring these 
parameters can increase routing traffic or cause loss of connectivity on your network. 





8 To save your changes: 


8a Click Apply to return to TCP/IP Bind Options to board name Interface with IP Address 
IP. address window. 


8b Click Apply to return to the Binding TCP/IP to board name Interface with IP Address 
IP address window. 


8c Click Save. 
9 Click Back to return to the TCP/IP Configuration Menu window. 


10 Ifyou want these changes to take effect immediately, click Reinitialize Options. 
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5.1.2 Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP. 
2 Make sure RIP routing is enabled globally by setting the RIP field to Disabled. 


If you want to disable RIP routing on a single interface, set the Status parameter in the RIP bind 
options to Disabled. This action is described in Step 3. 


3 Press Esc twice to return to the Internetworking Configuration menu, then select Bindings > an 
existing binding > RIP Bind Options. 


Configure the following parameters: 


¢ Status: Status of RIP routing on this interface. RIP routing is disabled by default; to 
enable RIP routing only on this interface, select this parameter, then select Enabled. 


+ RIP Version: Version of RIP to use on this interface. Select one of the following options: 


+ RIP I: Standard version of RIP used by most IP routers and end nodes. This is the 
default option. 


+ RIP I £ RIP II: Both versions of RIP. Select this option if your internetwork has 
nodes that support both RIP I and RIP II. 


+ RIPII: Enhanced version of RIP that supports variable-length subnet masks. 

+ RIP Mode: Mode of the RIP version you selected in RIP Version. 
+ Normal: Causes the router to send and accept RIP packets, RIP I, RIP II, or both. 
+ Receive Only: Causes the router to only receive RIP packets. 


+ Send Only: Causes the router to broadcast, in RIP packets, only the entries in its own 
routing table. 


Some end nodes learn routes only by listening to RIP, even if portions of the 
internetwork run OSPF. Select Send Only if you want the router to broadcast the 
OSPF routes in its RIP I packets so that every end node can learn all available routes. 


The RIP Bind Options menu also includes the following parameters: 
+ Cost of Interface 
+ Originate Default Route 
+ Poison Reverse 
+ Split Horizon 
+ Update Time 
+ Expire Time 
+ Garbage Time 
* RIP II Options 





IMPORTANT: Because the default settings for these parameters are suitable for most IP 
networks, you should change them only for a specific purpose. Incorrectly configuring these 
parameters can increase routing traffic or cause loss of connectivity on your network. 





4 Press Esc until you are prompted to save your changes, then select Yes. 
5 Press Esc to return to the Internetworking Configuration menu. 


6 If you want these changes to take effect immediately, select Reinitialize System > Yes to 
activate your changes. 
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5.2 OSPF 


OSPF was developed to satisfy the need for a scalable, open-standards routing protocol for large IP 
internetworks. It is a link state protocol that provides highly efficient routing and fast convergence. 


OSPF makes large internetworks more manageable by enabling you to partition them into 
administrative domains called areas. Areas impose a hierarchy on the internetwork. All OSPF areas 
are connected to a central backbone area by an Area Border Router (ABR). The ABR shares OSPF 
routing information between the area and the backbone. 


When configuring an OSPF area, you assign to it a 4-byte decimal number called the Area ID. You 
also indicate which of the router's network interfaces belong to the area and whether the area is a 
stub area. 


Novell TCP/IP supports the use of virtual links between OSPF routers. A virtual link patches 
together a partitioned backbone. It creates a direct point-to-point link between the ABRs that 
connect the partitioned backbone areas through the transit area. 


Most IP internetworks in use today are not pure OSPF networks; that is, portions of these 
internetworks still employ other routing protocols, such as RIP. OSPF uses an Autonomous System 
Boundary Router (ASBR) to import and propagate routing information from these protocols. 
ASBRs are always located on the border of an OSPF domain. When configuring OSPF, you can 
enable your router to operate as an ASBR. For an ASBR to import RIP routes learned through an 
interface, RIP must be enabled on that interface. 


Each OSPF router has its own Router ID, a 4-byte number that uniquely identifies the router and 
enables it to participate in informational exchanges with neighboring routers. The default Router ID 
is the IP address of the first interface bound to IP on the router. Although INETCFG enables you to 
change the Router ID, you should use the default unless you need a simpler numbering scheme for 
administrating several hundred routers on an internetwork. 





TIP: If you are using an unnumbered point-to-point interface, we recommend that you configure a 
unique router ID. 





Optionally, OSPF can be configured to authenticate its packets by providing an authentication key 
—an 8-byte, alphanumeric password—in each OSPF packet header. OSPF authentication gives you 
administrative control over which routers participate in link state exchanges on the internetwork. A 
router without proper authentication is excluded from these exchanges and, essentially, from 
performing any OSPF routing. Novell TCP/IP enables you to provide authentication for an area and 
to provide an authentication key for each network to which the router is connected. By default, 
authentication is turned off. 


OSPF enables you to assign a cost value to each network interface you configure. This enables you 
to establish a preferred route according to the type of network media connected to the interface. For 
example, you might want to increase the cost of an interface that uses a slow link so that, given the 
choice, OSPF uses the interface to a faster, less costly link. 


Like RIP, OSPF can run over most WAN connections, depending on which call type you use. On- 
demand calls, for example, typically use static routes instead of an active routing protocol. 





IMPORTANT: An active routing protocol, such as OSPF, should not be used on an on-demand link 
because it periodically brings up the link and causes the link to continue to stay up. 
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Permanent calls on an IP network typically use a routing protocol, such as OSPF or RIP, to 
communicate routing information. However, they can also use static routes to conserve bandwidth. 
OSPF can also run over a nonbroadcast multiaccess network, such as X.25 or frame relay, but you 
must provide the IP address of the peer OSPF router at the other end of each connection. 





TIP: Novell TCP/IP enables you to run OSPF and RIP on the same router, but under normal 
circumstances, you should run them separately on different interfaces. Although an ASBR must run 
both protocols so that it can import RIP routes and propagate them to other OSPF routers, you 
should not run both on too many other routers in your OSPF domain. Doing so consumes additional 
network bandwidth and router memory, and might even create routing loops. 


The extent to which you must configure OSPF depends on the characteristics of your network, such 
as its size and topology, and whether it uses other IP routing protocols besides OSPF. To help you 
configure only what is necessary, this section provides the following procedures: 

+ “Basic OSPF Configuration” on page 80 

+ “Advanced OSPF Configuration” on page 82 


5.2.1 Basic OSPF Configuration 


You can enable OSPF routing on the router as well as configure OSPF on a network interface by 
using Novell Remote Manager or INETCFG. 

+ “Using Novell Remote Manager” on page 80 

+ “Using INETCFG” on page 81 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration 
> Configure TCP/IP. 
2 Inthe TCP/IP Protocol Configuration window, set OSPF to Enabled. 


This action enables OSPF routing globally on the router. If you want to disable OSPF routing 
on a single interface, set the Status parameter to Disabled as described in Step 6. 


3 Click Save. 
The system displays a TCP/IP Configuration Successful message: 
4 Click OK to return to the TCP/IP Configuration Menu window. 


5 Click TCP/IP to Interface Bindings > an existing binding > the View/Modify button to the right 
of Configure TCP/IP Bind Options > the View/Modify button to the right of OSPF Bind 
Options. 
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Figure 5-4 OSPF Bind Options of board name Interface with IP Address IP. address Window 
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6 The Status field indicates whether OSPF routing is active on this interface. OSPF routing is 
enabled by default; to disable OSPF routing only on this interface, select Disabled from the 
drop-down list. 


The OSPF Bind Options window also includes the following parameters: 
+ Cost of Interface 
+ Area ID 
* Priority 
* Authentication Password 
* Hello Interval 
* Router Dead Interval 
* Neighbor List 





IMPORTANT: Because the default settings for these parameters are suitable for most IP 
networks, you should change them only for a specific purpose. Misconfiguring these 
parameters can increase routing traffic or cause loss of connectivity on your network. 


7 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


8 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP. 
2 Select the OSPF field, then select Enabled. 
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This action enables OSPF routing globally on the router. If you want to disable OSPF routing 
on a single interface, set the Status parameter to Disabled as described in Step 3. 


3 Press Esc repeatedly to return to the Internetworking Configuration menu, then select Bindings 
> an existing binding > OSPF Bind Options. 


4 The Status field indicates whether OSPF routing is active on this interface. OSPF routing is 
enabled by default; to disable OSPF routing only on this interface, select Status, then select 
Disabled. 


The OSPF Bind Options menu also includes the following parameters: 
+ Cost of Interface 
+ Area ID 
* Priority 
+ Authentication Password 
+ Hello Interval 
+ Router Dead Interval 
+ Neighbor List 
IMPORTANT: Because the default settings for these parameters are suitable for most IP 


networks, you should change them only for a specific purpose. Misconfiguring these 
parameters can increase routing traffic or cause loss of connectivity on your network. 





5 Press Esc until you return to the Internetworking Configuration menu. Select Yes if you are 
prompted to save your changes. 


6 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.2.2 Advanced OSPF Configuration 


You can configure advanced OSPF features using Novell Remote Manager or INETCFG: 


+ *Using Novell Remote Manager” on page 82 
+ “Using INETCFG” on page 85 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 


2 Inthe TCP/IP Protocol Configuration window, click the View/Modify button to the right of 
OSPF Configuration. 


3 The OSPF Configuration window is displayed and includes the following parameters: 
+ Router ID 
+ Virtual Link Configuration 
+ [P Load Sharing 





IMPORTANT: Most network configurations do not require you to change these parameters. 
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Figure 5-5 OSPF Configuration window 


3 OSPF Configuration - Microsoft Internet Explorer 
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4 To configure an ASBR, set the Autonomous System Boundary Router field to Enabled 


Enabling this parameter enables the router to operate as an ASBR. In this capacity, the router 
advertises non-OSPF routes, such as those generated by RIP and EGP. In addition, static routes 
and direct routes to the OSPF domain are advertised. This is necessary to preserve connectivity 
throughout an internetwork that uses routing protocols other than OSPF. This parameter should 
be configured only on routers that connect an OSPF area to an area that uses a different routing 
protocol. 


Do not enable this parameter on an internetwork that uses only OSPF. Doing so causes 
unwanted traffic on the route. 


5 To configure an OSPF area, click Add for Area Configuration and continue with Step 6. 
Otherwise, go to Step 11. 
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Figure 5-6 OSPF Area Configuration Window 


J3 OSPF Area Configuration - Microsoft Internet Explorer 
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6 In the OSPF Area Configuration window, configure the following area parameters: 


+ Area ID: Four-byte decimal number that identifies the area. For example, a valid Area ID 
1s 85.8.0.11. However, the Area ID does not need to be an IP address. You can enter any 
number, but it must be in the format of an IP address. If you enter a hexadecimal number, 
INETCFG converts it to decimal. 


For the router to belong to an area, the Area ID that identifies that area must be assigned to 
at least one of the router’s interfaces. You assign an Area ID to an interface in Step 10. 
+ Authentication: Switch that enables or disables authentication for the area. 


If you enable authentication on this router, you must enable authentication on all other 
routers in the area. Also, all interfaces belonging to that area must have an authentication 
key. You provide the authentication key in Step 10. 


+ Route Aggregation: Network number of a group of networks that is aggregated into one 
network number. To assign the Network and Mask values of this network number, click 
Add. Because supernetting is not supported, the aggregated network must be the same 
length as the natural mask of the network class. 


+ Area Type: Type of OSPF area that can be Normal or Stub. All routers in the same area 
must agree on the area type. 


The backbone area (0.0.0.0) cannot be a stub area. 


+ Stub Cost: Cost of the default route advertised to the stub area. This parameter is used 
only if the Area Type is set to Stub. 


7 To save your changes, click Apply > Apply > Save. The system displays a TCP/IP 
Configuration Successful message. 


8 Click OK to return to the TCP/IP Configuration Menu window. 


9 Click TCP/IP to interface Bindings > an existing binding > the View/Modify button to the right 
of Configure TCP/IP Bind Options > the View/Modify button to the right of OSPF Bind 
Options. 
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10 If you are configuring an OSPF area, configure the following area parameters: 


+ Area ID: ID of the area to which this interface belongs. Press Enter to determine the list 
of available areas. Use the Up-arrow and Down-arrow keys to select an area, then press 
Enter to select it. 


+ Authentication Password: Eight-byte password that authenticates the router’s OSPF 
packets to the area to which this interface belongs. Valid characters are 0 to 9, A to Z, a to 
z, underscore, and dash. 


This parameter is required only if you enabled the Authentication parameter for the area 
you select, as described in Step 6 on page 84. 





IMPORTANT: Not all interfaces within the same area are required to have the same 
authentication key; however, all interfaces connected to the same network must have the 
same authentication key. 





11 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


12 Ifyou want these changes to take effect immediately, select Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP. 
2 Select OSPF Configuration. 
The OSPF Configuration menu is displayed and includes the following parameters: 
+ Router ID 
+ Virtual Link Configuration 
+ [P Load Sharing 





IMPORTANT: Most network configurations do not require you to change these parameters. 





3 To configure an ASBR, select Autonomous System Boundary Router > Enabled. 


Enabling this parameter enables the router to operate as an ASBR. In this capacity, the router 
advertises non-OSPF routes, such as those generated by RIP and EGP. In addition, static routes 
and direct routes to the OSPF domain are advertised. This is necessary to preserve connectivity 
throughout an internetwork that uses routing protocols other than OSPF. This parameter should 
be configured only on routers that connect an OSPF area to an area that uses a different routing 
protocol. 


Do not enable this parameter on an internetwork that uses only OSPF. Doing so causes 
unwanted traffic on the route. 


4 To configure an OSPF area, select Area Configuration and continue with Step 5. Otherwise, go 
to Step 11. 


The OSPF Areas menu is displayed. 


This menu lists the IDs of all areas to which the router belongs. If you have not configured an 
OSPF area on this router, the only area listed is 0.0.0.0, the backbone area. 


5 Select an existing area or press the Insert key to create a new area. 
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6 Configure the following area parameters: 


+ 


Area ID: Four-byte decimal number that identifies the area. For example, a valid Area ID 
is 85.8.0.11. However, the Area ID does not need to be an IP address. You can specify any 
number, but it must be in the format of an IP address. If you specify a hexadecimal 
number, INETCFG converts it to decimal. 


For the router to belong to an area, the Area ID that identifies that area must be assigned to 
at least one of the router's interfaces. You assign an Area ID to an interface in Step 8. 


Authentication: Switch that enables or disables authentication for the area. 


If you enable authentication on this router, you must enable authentication on all other 
routers in the area. Also, all interfaces belonging to that area must have an authentication 
key. You provide the authentication key in Step 8. 


Route Aggregation: Network number of a group of networks that is aggregated into one 
network number. Press Insert to assign the Network and Mask values of this network 
number. Because supernetting is not supported, the aggregated network must be the same 
length as the natural mask of the network class. 


Area Type: Type of OSPF area, which can be Normal or Stub. All routers in the same 
area must agree on the area type. 


The backbone area (0.0.0.0) cannot be a stub area. 


Stub Cost: Cost of the default route advertised to the stub area. This parameter is used 
only if the Area Type is set to Stub. 


7 Press Esc until you are prompted to save your changes, then select Yes. 


8 Press Esc until you return to the Internetworking Configuration menu, then select Bindings > 
an existing binding > OSPF Bind Options. 


9 If you are configuring an OSPF area, configure the following area parameters: 


+ 


Area ID: ID of the area to which this interface belongs. Press Enter to determine the list 
of available areas. Use the Up-arrow and Down-arrow keys to select an area, then press 
Enter to select it. 


Authentication Password: Eight-byte password that authenticates the router's OSPF 
packets to the area to which this interface belongs. Valid characters are 0 to 9, A to Z, ato 
z, underscore, and dash. 


This parameter is required only if you enabled the Authentication parameter for the area 
you select, as described in Step 6 on page 86. 





IMPORTANT: Not all interfaces within the same area are required to have the same 
authentication key; however, all interfaces connected to the same network must have the 
same authentication key. 


10 Press Esc until you are prompted to save your changes, then select Yes. 


11 Press Esc to return to the Internetworking Configuration menu. 


12 If you want these changes to take effect immediately, select Reinitialize System > Yes. 
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5.2.3 Configuring Load Sharing over Equal-Cost OSPF Routes 


IP maintains multiple equal-cost OSPF routes. Load sharing enables a router to divide traffic over 
equal-cost routes. The router can have several next hops available toward any destination. With this 
configuration, the router can divide the traffic among the various equal-cost routes to the 
destination. As a result, load sharing increases the effective bandwidth of an end-to-end path. In 
addition, it can improve the traffic distribution on an internetwork. 





NOTE: Load sharing is performed only on equal-cost routes learned from OSPF. 


You enable load sharing within OSPF. IP maintains a maximum of four equal-cost routes to each 
destination network. The OSPF equal-cost routes are maintained internally and are not displayed in 
TCPCON. 





IMPORTANT: Because OSPF networks tend to be large and complex, we recommend that you do 
not manually adjust the cost of the interface to create equal-cost routes. It is best to let OSPF 
automatically determine the equal-cost routes to the destination network. 


You can configure load sharing on the router by using Novell Remote Manager or INETCFG. 


+ “Using Novell Remote Manager” on page 87 
+ “Using INETCFG” on page 87 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 
In the TCP/IP Protocol Configuration window, set OSPF to Enabled. 
Click the View/Modify button to the right of OSPF Configuration. 
In the OSPF Configuration window, set IP Load Sharing to Enabled. 
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To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


6 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


Load INETCFG, then select Protocols > TCP/IP. 

Select OSPF > Enabled. 

Select OSPF Configuration. 

Select IP Load Sharing > Enabled. 

Press Esc until you are prompted to save your changes, then select Yes. 


Press Esc to return to the Internetworking Configuration menu. 
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If you want these changes to take effect immediately, select Reinitialize System > Yes. 
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5.3 Static Routes for LANs 


Static routes are useful if you want to do any of the following on your network: 


+ Eliminate routing traffic, which increases the bandwidth available for data. 


+ Limit user access to one portion of the network. For example, if a static route for a network is 
configured on a router, any packets that are received by the router are forwarded only to the 
destination network specified by that static route. 


¢ Gain access to isolated areas of the network, which is useful if dealing with legacy network 
topologies. 


+ Gain access to a network more than 15 hops away. 


+ Use a static route as a backup route to dynamic routes. 





TIP: Use this procedure to configure static routes when the next hop router is on the same LAN as 
the router you are configuring. 





5.3.1 How to Configure a LAN Static Route 


You can configure a static route for a LAN by using Novell Remote Manager or INETCFG: 


+ “Using Novell Remote Manager” on page 88 
+ “Using INETCFG” on page 90 


Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 
2 Inthe TCP/IP Protocol Configuration window, configure the following static route parameters: 
+ LAN Static Routing: Enables LAN static routing on the router. Set this field to Enabled. 
+ LAN Static Routing Table: Entry point to the LAN static route configuration parameters. 
Click the View/Modify button to the right of LAN Static Routing Table: 


Figure 5-7 TCP/IP Static Routes Window 


E LAN Static Routing Table : TCPIP-HOST1 - Microsoft Internet Explorer 


TCP/IP Static Routes 


Route Type IP Address of Network/Host Next Hop Router on Route Metric 
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In the TCP/IP Static Routes window, click any of the entries under RouteType to modify 
the properties of that particular route. 


Figure 5-8 Modify Static Route Configuration Window 


3 Modify Static Route Configuration - Microsoft Internet Explorer 


Modify Static Route Configuration 
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In the Modify Static Route Configuration window, configure the following parameters: 


+ Route Type: Select Network or Host if you want the destination at the other end of 
the static route to be a single IP host or an IP network (that is, a group of hosts). Or, 
you can select Default Route. If the router must forward a packet for which it can 
find no destination in its routing table, it sends the packet to the address specified by 
the next hop for the default route. This type of blind forwarding keeps a packet on the 
network until a router can forward it to its final destination. 


+ IP Address of Network/Host: Type the address of the destination network or host. 
The list of symbolic network names and addresses corresponds to the 
sys: \etc\networks file. The list of symbolic host names and addresses 
corresponds to the sys: Netcyhosts file. 


+ Subnetwork Mask: If the destination is an IP network, the subnet mask of that 
network. 


+ Next Hop Router on Route: Explicit destination of the next hop. 


Specify the IP address of the next-hop router. To select from a list of symbolic 
hostnames and addresses, press Insert. 


+ Metric for this Route: Number of hops to the destination. This metric is directly 
proportional to the cost of the route. Given two routes to the same destination, the 
router chooses the lower-cost route. 
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If you want to use the static route as a backup route to a dynamic route, select a value 
that is higher than the cost associated with the dynamic route. This selection ensures 
that the dynamic route remains the preferred route under typical conditions. 


Do not set this metric value to 16 unless you want to disable the route. 


+ Type of Route: Specify whether the static route is active or passive.This parameter 
specifies whether the next hop router for this route actively advertises the route to 
this network. 


Usually, static routes are not advertised and are categorized as passive routes. When a 
route is marked as active, TCP/IP expects the next hop router to advertise the route 
regularly. If a router stops advertising an active route, TCP/IP assumes the route is no 
longer available and deletes it from the routing table. 


If the static route is active and the router discovers a lower-cost dynamic route to the 
same destination, it uses the lower-cost route instead of the active static route. If the 
lower-cost route becomes unavailable, the router returns to using the active static 
route. 


3 To save your changes, click Apply > Save. 
4 (Optional) - Disable the routing protocol on this interface to reduce routing traffic. 


4a In the RIP Bind Options of board name Interface with IP Address /P address window, 
set Status to Disabled. 


4b In the OSPF Bind Options of board name Interface with IP Address /P address window, 
set Status to Disabled. 


4c If your router has multiple interfaces and you want to disable them, repeat these steps for 
each interface. 


5 Click Back to return to the TCP/IP Configuration Menu window. 


6 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP. 
2 Configure the following static route parameters: 


* LAN Static Routing: Enables LAN static routing on the router. Select this field, then 
select Enabled. 


* LAN Static Routing Table: Entry point to the LAN static route configuration parameters. 
Press Insert and configure the following parameters: 


Route Type: Select Network or Host if you want the destination at the other end of the 
static route to be a single IP host or an IP network (that is, a group of hosts). Or, you can 
select Default Route. If the router must forward a packet for which it can find no 
destination in its routing table, it sends the packet to the address specified by the next hop 
for the default route. This type of blind forwarding keeps a packet on the network until a 
router can forward it to its final destination. 


IP Address of Network/Host: Specify the address of the destination network or host. The 
list of symbolic network names and addresses corresponds to the sys: etc networks 
file. The list of symbolic host names and addresses corresponds to the sys:\etc\hostsfile. 


Subnetwork Mask: If the destination is an IP network, the subnet mask of that network. 


Next Hop Router on Route: Explicit destination of the next hop. 
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Specify the IP address of the next-hop router. To select from a list of symbolic hostnames 
and addresses, press Insert. 


Metric for this Route: Number of hops to the destination. This metric is directly 
proportional to the cost of the route. Given two routes to the same destination, the router 
chooses the lower-cost route. 


If you want to use the static route as a backup route to a dynamic route, select a value that 
is higher than the cost associated with the dynamic route. This selection ensures that the 
dynamic route remains the preferred route under typical conditions. 


Do not set this metric value to 16 unless you want to disable the route. 


Type of Route: Specify whether the static route is active or passive.This parameter 
specifies whether the next hop router for this route actively advertises the route to this 
network. 


Usually, static routes are not advertised and are categorized as passive routes. When a 
route is marked as active, TCP/IP expects the next hop router to advertise the route 
regularly. If a router stops advertising an active route, TCP/IP assumes the route is no 
longer available and deletes it from the routing table. 


If the static route is active and the router discovers a lower-cost dynamic route to the same 
destination, it uses the lower-cost route instead of the active static route. If the lower-cost 
route becomes unavailable, the router returns to using the active static route. 


3 Press Esc twice, then select Yes to save your changes. 

4 (Optional) - Disable the routing protocol on this interface to reduce routing traffic. 
4a Select Bindings > an existing binding. 
4b Select RIP Bind Options > Status > Disabled. 
4c Press Esc and then select OSPF Bind Options > Status > Disabled. 


4d Tf your router has multiple interfaces and you want to disable them, repeat these steps for 
each interface. 


5 Press Esc until you are prompted to save your changes, then select Yes. 
6 Press Esc to return to the Internetworking Configuration menu. 


7 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.3.2 Configuring a Default Gateway (LAN Static Route) 


You can configure multiple default gateways and provide a fault tolerant solution on your network. 
When the Section 2.8, “Dead Gateway Detection,” on page 39 feature is enabled and a default 
gateway goes off-line, the Multiple Default Gateway list is used to switch to the next preferred 
default gateway, thereby reducing the downtime of your network. 


To configure Dead Gateway Detection, see “Enabling Dead Gateway Detection” on page 94. The 
various ways of configuring multiple default gateways are explained below. The implications of 
using different methods for configuring multiple default gateways are also given in the table under 
“Comparing Different Default Gateway Configuration Methods” on page 93. 

+ “Using Novell Remote Manager to Add a Default Gateway” on page 92 

+ “Using BIND to Add a Default Gateway” on page 92 


+ “Using TCPCON to Add a Default Gateway” on page 92 
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+ “Configuring RIP to Add a Default Gateway” on page 92 
+ “Configuring Router Discovery to Add a Default Gateway” on page 93 


Using Novell Remote Manager to Add a Default Gateway 


To configure multiple default gateways using Internetworking Configuration, see “How to 
Configure a LAN Static Route” on page 88. 


Using BIND to Add a Default Gateway 
To add a new default gateway by using BIND, enter the following command at the server prompt: 
bind ip board name addr-x.x.x.xmask-x.x.x.x gate-x.x.x.x cost-n 


board name is the name of the interface board that you assigned as the default gateway. addr is the 
IP address of the board. mask is the subnet mask address associated with the IP address of the board. 
gate is the IP address of the gateway, and cost is the value associated with the gateway and is also 
the primary routing metric for this gateway. 


Using TCPCON to Add a Default Gateway 


1 Load TCPCON, then select IP Routing Protocol. 
2 Select Proceed, press Insert, and configure the following parameters: 


Destination: Press Insert to display a list of symbolic network names from the 
sys: etc networks file. Select Default here. 


Next Hop: Enter the IP address of the gateway. 


Interface: Enter the interface index value through which the next hop of this gateway should 
be reached. 


Cost: Enter the primary routing metric for this gateway. 


3 Press Esc until you are prompted to save your changes, then select Yes to return to the IP 
Routing Table screen. 


Configuring RIP to Add a Default Gateway 


* "Using Novell Remote Manager" on page 92 
* "Using INETCFG" on page 93 


Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding > the View/Modify button to the right of 
Configure TCP/IP Bind Options > the View/Modify button to the right of RIP Bind Options. 


2 In the RIP Bind Options of board name Interface with IP Address JP. address window, set the 
Original Default Route to Enabled. 


3 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


4 If you want these changes to take effect immediately, click Reinitialize Options. 


These advertisements from the router are picked up and used by an end node to add a default 
gateway on it. This is possible only when RIP is enabled on the end node. 


92 NW 6.5 SP8: TCP/ IP Administration Guide 


Using INETCFG 


1 Load INETCFG, then select Bindings > an existing TCP/IP binding > RIP Bind Options. 
2 Select Originate Default Route and enable this option. 


3 Press Esc until you are prompted to save your changes, then select Yes. 


4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


Configuring Router Discovery to Add a Default Gateway 


You can configure Router discovery options on a system to add a default gateway. These systems 
advertise themselves as a gateway and answer queries from end nodes. End nodes use it to locate a 
gateway on their network. To configure Router Discovery, see Section 5.6, “Router Discovery,” on 


page 98. 


5.3.3 Comparing Different Default Gateway Configuration 


Methods 


The table below explains the implications of using different methods for configuring multiple 
default gateways and describes the priorities associated with each method. 


Configuration Method 
Used to Add Multiple 
Default Gateways 


Using Novell Remote 
Manager to Add a 
Default Gateway 


This process can also 
be done through 
INETCFG. 


Using Bind to Add a 
Default Gateway 


Using TCPCON to 
Add a Default 
Gateway 


Configuring RIP to 
Add a Default 
Gateway 


Configuring Router 
Discovery to Add a 
Default Gateway 


Metric or Cost Assigned to Default Gateway 





Better Than the Cost of 
Current Default Gateway 


Added to the Default 
Gateway list and made 
the default gateway. 


Added to the Default 
Gateway list and made 
the default gateway. 


Added to the Default 
Gateway list and is 
made the default 
gateway. 


Added to the Default 
Gateway list and is 
made the default 
gateway. 


Added to the Default 
Gateway list and is 
made the default 
gateway. 


Equal to the Cost of 
Current Default Gateway 


Not made the default 
gateway, but the entry is 
added to the Default 
Gateway list. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 


Added to the Default 
Gateway list and is 
made the default 
gateway. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 


Worse Than the Cost of 
Current Default Gateway 


Not made the default 
gateway, but the entry is 
added to the Default 
Gateway list. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 


Not added to the Default 
Gateway list and is not 
made the default 
gateway. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 


Not made the default 
gateway, but entry is 
added to the Default 
Gateway list. 
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5.3.4 Enabling Dead Gateway Detection 


+ “Using Novell Remote Manager” on page 94 
+ “Using INETCFG” on page 94 


Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration 
> Configure TCP/IP. 


2 Inthe TCP/IP Protocol Configuration window, set the Dead Gateway Detection to Enabled. 
3 Click Save. The system displays a TCP/IP Configuration successful message. 
4 Click OK to return to the TCP/IP Configuration Menu window. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP. 

2 Select Dead Gateway Detection > Enabled. 

3 Press Esc until you are prompted to save your changes, then select Yes. 
4 Press Esc to return to the Internetworking Configuration menu. 


5 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.3.5 Configuring Dead Gateway Detection 


You can fine-tune the performance of the Dead Gateway Detection feature. 


Probe Interval is the time (in seconds) at which probes would be sent to the default gateway to 
determine whether it is functional or not. 


Range = 10 to 1800. Default = 30. 


Probe Timeout is the time interval (in seconds) after which the next probe is sent to the default 
gateway, when there is no reply received by the gateway for the previously sent probe. 


Range = 1 to 20. Default = 2. 


Configuring the Probe Interval 
+ “Using Novell Remote Manager” on page 94 
+ “Using INETCFG” on page 95 

Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration 
> Configure TCP/IP. 


2 Inthe TCP/IP Protocol Configuration window, click the View/Modify button to the right of 
Dead Gateway Detection Configuration. 


3 Inthe Dead Gateway Detection Configuration window, type a Probe Interval value in seconds. 
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4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP > Dead Gateway Detection Configuration. 
2 Select Probe Interval, then enter a value in seconds. 

3 Press Esc until you are prompted to save your changes, then select Yes. 

4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


Configuring Probe Timeout 


+ “Using Novell Remote Manager” on page 95 
+ “Using INETCFG” on page 95 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration 
> Configure TCP/IP. 


2 In the TCP/IP Protocol Configuration window, click the View/Modify button to the right of 
Dead Gateway Detection Configuration. 


3 In the Dead Gateway Detection Configuration window, type a Probe Timeout value in seconds. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 
Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP > Dead Gateway Detection Configuration. 
2 Select Probe Timeout, then enter a value in seconds. 

3 Press Esc until you are prompted to save your changes, then select Yes. 

4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.4 Load Balancing 


Before you configure load balancing check whether you have bound the desired NIC. If not, go to 
Section 3.6, “Binding Protocols,” on page 56 to do so. 


+ Section 5.4.1, “Using Novell Remote Manager,” on page 96 
+ Section 5.4.2, “Using INETCFG,” on page 97 
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5.4.1 Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 


2 Inthe TCP/IP Protocol Configuration window, set Load Balancing to Enabled. 


This switch is for the complete system. You still need to configure load balancing on your 
network. 


3 Click the View/Modify button to the right of Load Balancing Configuration. 


Figure 5-9 Load Balancing Configuration Window 
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4 Type a Load Balancing Interval value in seconds. 


5 Click the entry under Network to configure Individual Groups. 


Figure 5-10 View/Configure Load Balancing Window 
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6 Set Load Balancing to Enabled. 
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7 To save your changes, click Apply > Apply > Save. 
The system displays a TCP/IP Configuration Successful message. 
8 Click OK to return to the TCP/IP Configuration Menu window. 


9 If you want these changes to take effect immediately, click Reinitialize Options. 


5.4.2 Using INETCFG 


1 Load INETCFG, then select Protocols. 
2 Select TCP/IP from the list of protocols. 
Select Load Balancing and enable it. 


This switch is for the complete system. You still need to configure load balancing on your 
network. 


4 Select Load Balancing Configuration. 
5 Configure the Load Balancing Interval and configure Individual Groups. 


6 In Configure Individual Groups, select the network listed and enable load balancing. 


5.5 Fault Tolerance 


Before you configure fault tolerance check whether you have bound the desired NIC. If not, go to 
Section 3.6, “Binding Protocols,” on page 56 to do so. 


+ Section 5.5.1, “Using Novell Remote Manager,” on page 97 
+ Section 5.5.2, “Using INETCFG,” on page 98 


5.5.1 Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 
2 Inthe TCP/IP Protocol Configuration window, set Fault Tolerance to Enabled. 


This switch is for the complete system. You still need to configure fault tolerance on your 
network. 


3 Click the View/Modify button to the right of Fault Tolerance Configuration. 
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Figure 5-11 Fault Tolerance Configuration Window 
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4 Type a Fault Detection Interval value in seconds. 


5 For the entry listed under network, set Fault Tolerance to Enabled. 
6 To save your changes, click Apply > Save. 

The system displays a TCP/IP Configuration Successful message. 
7 Click OK to return to the TCP/IP Configuration Menu window. 


8 If you want these changes to take effect immediately, click Reinitialize Options. 


5.5.2 Using INETCFG 


1 Load INETCFG and select Protocols. 
2 Select TCP/IP from the list of protocols. 
3 Select Fault Tolerance and enable it. 


This switch is for the complete system. You still need to configure fault tolerance on your 
network. 


4 Select Fault Tolerance Configuration. 
5 Configure Fault Detection Interval, Minimum Error Level, and Configure Individual Groups. 


6 In the Configure Individual Groups, select the network listed and enable fault tolerance. 


5.6 Router Discovery 


Both IP routers and end nodes can use the ICMP Router Discovery Protocol. Routers use it to 
advertise themselves as an IP router and to answer queries from end nodes. End nodes use it to 
locate an IP router on their network. Your system acts as a router when Packet Forwarding is 
enabled for IP and acts as an end node when Packet Forwarding is disabled for IP. 





NOTE: For an end node to locate an IP router by this method, it must also support the ICMP Router 
Discovery Protocol. 





To configure router discovery on an interface: 


* Section 5.6.1, “Using Novell Remote Manager,” on page 99 
+ Section 5.6.2, "Using INETCFG,” on page 100 
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5.6.1 Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


Figure 5-12 Expert TCP/IP LAN Options of board_name with IP Address IP_ address Window 
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3 In the Expert TCP/IP LAN Options of board name with IP Address JP address window, set 
Status to Enabled. 


4 Select the Destination Address from the drop-down list. 


This is the method by which the IP router or end node sends router discovery packets. You can 
select one of the following options 


+ Broadcast: Sends the packets to all nodes on the network. 
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+ Router Discovery Multicast: Sends the packets to an IP multicast address used 
specifically for router discovery exchanges. The packets are received only by nodes that 
understand this multicast address. 


5 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


6 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


5.6.2 Using INETCFG 


1 Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
Router Discovery Options. 


2 Select the Status field > Enabled. 
3 Select Destination Address. 
This is the method by which the IP router or end node sends router discovery packets. 
4 Select one of the following options: 
¢ Broadcast: Sends the packets to all nodes on the network. 


+ Router Discovery Multicast: Sends the packets to an IP multicast address used 
specifically for router discovery exchanges. The packets are received only by nodes that 
understand this multicast address. 


5 Press Esc until you are prompted to save your changes, then select Yes. 
6 Press Esc to return to the Internetworking Configuration menu. 


7 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.7 Type of Service (TOS) 


Using TOS, you can set the type of service for the IP data packets going out through an interface 
over a network. 


Assign a value to set the TOS and the precedence bits of the IP header for outgoing packets. To set 
only TOS bits, use a value between 0 and 15. To set TOS and precedence bits, use a value between 0 
and 127. 


The valid range of values for TOS is from 0 to 127. The default value is 0, which indicates normal 
TOS. The four TOS bits are minimize delay (0x10), maximize throughput (0x08), maximize 
reliability (0x04), and minimize monetary cost (0x02). 


This value is set only if TOS is enabled for this interface; otherwise, the TOS value set through the 
SET options is used. To see how to use SET options, see “Configuration Using SET Options:” on 
page 61. 





NOTE: The TOS value for outgoing IP datagrams can be set by an application using the WINSOCK 
API SetSockOpt. The value set by an API takes the highest preference, followed by the value set 
using the method shown in “Assigning a TOS Value” on page 101, then the value set through the 
SET options. 
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5.7.1 Enabling TOS 


+ “Using Novell Remote Manager” on page 101 
+ “Using INETCFG” on page 101 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 In the Expert TCP/IP LAN Options of board name with IP Address IP_ address window, set 
TOS to Enabled. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options. 
2 Select TOS > Enabled. 

3 Press Esc until you are prompted to save your changes, then select Yes. 

4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.7.2 Assigning a TOS Value 


+ “Using Novell Remote Manager” on page 101 
+ “Using INETCFG” on page 101 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 In the Expert TCP/IP LAN Options of board name with IP Address JP. address window, type 
a TOS value. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options. 
2 Select TOS Value, then type a value. 
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3 Press Esc until you are prompted to save your changes, then select Yes. 
4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.8 ARP 


IP routers and end nodes use ARP to determine the physical address of a node to which they want to 
send a packet. ARP is enabled by default. For one node to send a packet to another, the sending node 
must know the physical address of the destination node. The sending node, knowing only the 
destination IP address, first checks its ARP table for an entry that maps the destination IP address to 
the destination physical address. If the sending node finds the entry, it inserts the physical address 
into the packet and sends it. If the sending node does not find the entry in its ARP table, it broadcasts 
an ARP address request to the network. The destination node replies to the request with its own 
physical address, which the sending node uses to send the packet and adds to its ARP table for future 
use. 


ARP Cache Update Timeout is the time period (in seconds) for an entry to be removed from the 
ARP table, if the entry has not been updated. This value can be set only for a primary interface, and 
if ARP Timer is enabled. ARP Timer is disabled by default. For best performance, set the ARP 
Cache Update timeout value to be greater than or equal to the value of ARP Cache Stale Timeout. 


Range = 240 to 14400. Default = 300. 


ARP Cache Stale Timeout is the time period (in seconds) for an entry to be removed from the ARP 
table, if the entry has not been used for some time. If multihoming is enabled, then you can set this 
value for a primary IP interface present in the group. In all other cases, this can be set on all IP 
interfaces. ARP Timer is disabled by default. For best performance, set the ARP Cache Stale 
Timeout value to be lesser than or equal to the value of ARP Cache Update Timeout. 


Range = 240 to 14400. Default = 300. 


An IP router uses Proxy ARP when devices attached to one of its interfaces do not support IP 
subnetting and are unaware that they must go through the router to reach devices on other subnets of 
the same IP network. A router using Proxy ARP replies to ARP requests intended for devices on 
other subnets, but does so only if the device is reachable through the router. To determine whether 
the device is reachable, the router examines its own routing table. 


Proxy ARP is required on the parent network of a stub subnet. The parent network has an IP address 
range that includes the IP address range of the stub subnet. The router responds to ARP requests sent 
on the parent network on behalf of devices on the stub subnet. 


When both the parent and stub subnet are bound to IP interfaces, the router can detect the parent/ 
stub subnet and automatically enable Proxy ARP for the appropriate interfaces. Even if Proxy ARP 
is not required, and not automatically enabled, you can still force it to be enabled with the Force 
Proxy ARP parameter. 


You must enable Force Proxy ARP on each LAN interface on which the router must reply to ARP 
requests for destinations it can reach. Force Proxy ARP is disabled on each interface by default. 


This section contains the following sections: 


+ “Disabling ARP” on page 103 
+ “Enabling Proxy ARP” on page 103 
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+ 


+ 


+ 


“Enabling ARP Timer” on page 104 
“Configuring ARP Cache Update Timeout” on page 104 
“Configuring ARP Cache Stale Timeout” on page 105 


5.8.1 Disabling ARP 


+ 


+ 


“Using Novell Remote Manager” on page 103 
“Using INETCFG” on page 103 


Using Novell Remote Manager 


1 


5 


Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


Set Use of ARP to Disabled. 


To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 


a RB © N 


Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
ARP Options. 


Select Use of ARP > Disabled. 
Press Esc until you are prompted to save your changes, then select Yes. 
Press Esc to return to the Internetworking Configuration menu. 


If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.8.2 Enabling Proxy ARP 


+ 


+ 


“Using Novell Remote Manager” on page 103 
“Using INETCFG” on page 104 


Using Novell Remote Manager 


1 


Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


Set the Force Proxy ARP field to Enabled. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 


Save > Back. 


If you want these changes to take effect immediately, click Reinitialize Options. 
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Using INETCFG 


1 Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
ARP Options. 

Select Force Proxy ARP > Enabled. 

Press Esc until you are prompted to save your changes, then select Yes. 


Press Esc to return to the Internetworking Configuration menu. 


M RB © N 


If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.8.3 Enabling ARP Timer 


+ *Using Novell Remote Manager” on page 104 
+ “Using INETCFG” on page 104 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 Set ARP Timer to Enabled. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
ARP Options. 

Select ARP Timer, then select Enabled. 

Press Esc until you are prompted to save your changes, then select Yes. 


Press Esc to return to the Internetworking Configuration menu. 


a R © N 


If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.8.4 Configuring ARP Cache Update Timeout 


+ *Using Novell Remote Manager” on page 104 
+ “Using INETCFG” on page 105 


Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 Inthe ARP Cache Update Timeout field, type a value in seconds. 
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4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 
1 Load INETCFG then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
ARP Options. 
2 Select ARP Cache Update Timeout, then type a value in seconds. 
3 Press Esc until you are prompted to save your changes, then select e. 
4 Press Esc to return to the Internetworking Configuration menu. 


5 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.8.5 Configuring ARP Cache Stale Timeout 


+ “Using Novell Remote Manager” on page 105 
+ “Using INETCFG” on page 105 


Using Novell Remote Manager 
1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 Inthe ARP Cache Stale Timeout field, type a value in seconds. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 


5 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 
1 Load INETCFG then select Bindings > an existing binding > Expert TCP/IP Bind Options > 
ARP Options. 
2 Select ARP Cache Stale Timeout, then type a value in seconds. 
3 Press Esc until you are prompted to save your changes, then select Yes. 
4 Press Esc to return to the Internetworking Configuration menu. 


5 If you want these changes to take effect immediately, select Reinitialize System and select Yes. 


5.9 Directed Broadcast Forwarding 


A directed broadcast is a broadcast intended for all nodes on a nonlocal network. For example, the 
broadcast address 255.255.255.255 reaches all nodes on a network; the directed broadcast address 
128.1.255.255 is intended for all nodes whose network address is 128.1.0.0. A router not directly 
attached to 128.1.0.0 simply forwards the directed broadcast packet to the next hop. A router on 
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network 128.1.0.0—if it has directed broadcast forwarding enabled—accepts and forwards the 
packet to all nodes whose network address is 128.1.0.0. Routers connecting subnets of 128.1.0.0 
also accept and forward the packet to the nodes on their respective subnets. 





IMPORTANT: For all nodes on network 128.1.0.0 to receive the directed broadcast, each router 
attached to network 128.1.0.0 must have Directed Broadcast Forwarding enabled. 





5.9.1 Enabling Directed Broadcast Forwarding 


+ “Using Novell Remote Manager” on page 106 
+ “Using INETCFG” on page 106 


Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 


2 Set Directed Broadcast Forwarding to Enabled. 
3 Click Save. 

The system displays a TCP/IP Configuration Successful message. 
4 Click OK to return to the TCP/IP Configuration Menu window. 


5 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Load INETCFG, then select Protocols > TCP/IP > Expert Configuration Options. 
2 Select Directed Broadcast Forwarding > Enabled. 

3 Press Esc until you are prompted to save your changes, then select Yes. 

4 Press Esc to return to the Internetworking Configuration menu. 


5 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.10 Source Route Packet Forwarding 


Source route packets enable you to determine the route a packet takes to reach its destination. This 
feature is disabled by default. 


+ Section 5.10.1, “Using Novell Remote Manager,” on page 106 
+ Section 5.10.2, “Using INETCFG,” on page 107 


5.10.1 Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 

2 To permit forwarding IP source route packets, set Forward Source Route Packets to Enabled. 

3 Click Save. 


The system displays a TCP/IP Configuration Successful message. 
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4 Click OK to return to the TCP/IP Configuration Menu window. 


5 


If you want these changes to take effect immediately, click Reinitialize Options. 


5.10.2 Using INETCFG 


1 
2 
3 


Load INETCFG, then select Protocols > TCP/IP > Expert Configuration Options. 
Select Forward Source Route Packets > Enabled. 


Press Esc until you are prompted to save your changes, then select Yes. 


4 Press Esc to return to the Internetworking Configuration menu. 


5 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.11 BOOTP Forwarding 


BOOTP is a protocol that enables end nodes to receive their IP addresses from a BOOTP server at 
startup time. If your internetwork has a BOOTP or DHCP server, you can configure your IP router to 
accept and forward BOOTP or DHCP requests to that server. 


You can configure BOOTP forwarding by using INETCFG. 


1 


Load INETCFG, then select Protocols > TCP/IP > Expert Configuration Options > BootP 
Forwarding Configuration. 


2 Select BootP Server List, then press Insert. 


Enter the IP address of the BOOTP or DHCP server at the prompt, or press Insert to display a 
list of symbolic hostnames and addresses from the sys: \etc\hosts file. 


The server address appears in the BOOTP Servers screen. 


Press Esc. 


5 Select BootP Packet Forwarding > Enabled. 


If you want to record the activity ofthe BOOTP forwarder, select Log Operation and then 
select one of the following options: 


+ Log to BootP Screen: Logs BOOTP activity to the BOOTP screen. This is a separate 
screen that you can select and monitor from the NetWare console. The information logged 
to this screen is not saved to a file. 


+ Log to File: Logs BOOTP activity to the sys:\etc\bootp.log file by default. To use a 
different file, type its full path name in the Log File field. 


(Conditional) If you do not want to record the activity of the BOOTP forwarder, select Do Not 
Log. 


Press Esc until you are prompted to save your changes, then select Yes. 


9 Press Esc to return to the Internetworking Configuration menu. 


If you want these changes to take effect immediately, select Reinitialize System > Yes. 
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5.12 EGP 


The Exterior Gateway Protocol (EGP) is an exterior routing protocol that is supported by the TCP/IP 
software. Exterior routing protocols exchange information between different Autonomous Systems 
(ASs). The local EGP gets the information about its own AS from the local Interior Gateway 
Protocols (IGPs). Usually, exterior routing protocols are used only when different companies or 
commercial services are being connected. 


The information EGP receives from the IGP must be explicitly configured. The exterior routing 
protocol shares only the information specified in the outgoing route filters. This is desirable because 
you generally want to limit the information exchanged between different ASs. 


You can configure EGP using INETCFG. 


1 Load INETCFG, then select Protocols > TCP/IP > Expert Configuration Options. 
2 Select EGP > Enabled. 
3 Select EGP Configuration, then configure the following parameters: 


+ Autonomous System: Specify the autonomous system number. It identifies the 
autonomous system to which the router belongs. The router establishes an EGP neighbor 
relationship with routers in other autonomous systems. 


+ Maximum neighbours to Acquire: Specify the maximum number of concurrent EGP 
neighbors with which this router can exchange EGP network reachability information. 


+ Neighbour List: Select this field to add, modify, or delete EGP neighbors. This router 
attempts to establish a relationship with the configured EGP neighbors to exchange 
network reachability information. Press Insert, then configure the following parameters: 


Neighbor's Address: Press Insert to display a list of symbolic hostnames from the 
sys:\etc\hosts file. Select a host here or enter the address. 


Neighbor’s Autonomous System: Enter the number of the autonomous system to which 
this EGP neighbor belongs. The router is able to be a neighbor with the EGP peer only 
when the router and the EGP peer are in different autonomous systems. 


4 Press Esc until you are prompted to save your changes, then select Yes. 
5 Press Esc to return to the Internetworking Configuration menu. 


6 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.13 Multiple Logical Interfaces 


Novell TCP/IP allows you to bind more than one IP network to a LAN board. The networks can 
operate as separate logical interfaces. The ability to configure multiple logical interfaces simplifies 
the task of managing a growing network in the following ways: 


+ You can merge network when a there is a router failure. 


See “Merging Two Networks When the Connecting Router Fails” on page 109. 
+ You can move hosts from one IP network to another without losing connectivity. 
See “Reassigning IP Addresses” on page 110. 
+ You can add new nodes to a nearly full subnet. 
See “Adding New Nodes to a Full Subnet” on page 110. 


108 NW 6.5 SP8: TCP/ IP Administration Guide 


To attach more than one IP network to a LAN board, bind IP to the board as many times as 
necessary; then supply a different IP address for each network. 


Configuring multiple logical interfaces is different from multihoming, which enables you to bind 
multiple addresses belonging to the same IP network to the same interface or different interfaces. To 
configure multihoming, refer to Section 5.15, “Secondary IP Address,” on page 111. 


5.13.1 Merging Two Networks When the Connecting Router 
Fails 


Suppose a router that connects IP networks 130.81.0.0 and 167.10.0.0 fails. For simplicity, assume 
that the physical medium is Ethernet. If the router cannot be repaired quickly, you can temporarily 
fix the problem by using Novell Remote Manager or INETCFG: 

+ “Using Novell Remote Manager” on page 109 


+ “Using INETCFG” on page 109 


Using Novell Remote Manager 
1 Join two networks into a single network segment using a barrel connector, a repeater, or other 
appropriate means. 
2 Find a system operating Novell TCP/IP connected to the joined network. 


3 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 


4 Set IP Packet Forwarding to Enabled (Router). 

5 Click Save. 

The system displays a TCP/IP Configuration Successful message. 

6 Click OK to return to the TCP/IP Configuration Menu window. 

7 Click TCP/IP to interface Bindings, then bind IP to the joined network twice. 
7a Click an existing binding to an interface connected to the joined network. 
7b Set Local IP Address to an available host address on the first network. 

In this example, type an available host address on the 130.81.0.0 network. 


7c Click Save to save your changes and return to the List of Configured Bindings for TCP/IP 
window. 


7d To create a new binding and select the same interface connected to the joined network, 
click Add. 


7e Set Local IP Address to an available host address on the second network. 
In this example, type an available host address on the 167.10.0.0 network. 


8 To save your changes and return to the TCP/IP Configuration Menu window, click Save > 
Back. 


9 If you want these changes to take effect immediately, click Reinitialize Options. 


Using INETCFG 


1 Join two networks into a single network segment using a barrel connector, a repeater, or other 
appropriate means. 
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Find a system operating Novell TCP/IP connected to the joined network. 
Load INETCFG, then select Protocols > TCP/IP. 

Set IP Packet Forwarding to Enabled (Router). 

Press Esc until you are prompted to save your changes, then select Yes. 


Press Esc to return to the Internetworking Configuration menu. 


NO OI R © DN 


Select Bindings, then bind IP to the joined network twice. 
7a Select an existing binding to an interface connected to the joined network. 
7b Set Local IP Address to an available host address on the first network. 

In this example, enter an available host address on the 130.81.0.0 network. 
7c Press Esc, then save your change when prompted. 


7d Press Insert to create a new binding and select the same interface connected to the joined 
network. 


7e Set Local IP Address to an available host address on the second network. 
In this example, enter an available host address on the 167.10.0.0 network. 
8 Press Esc until you are prompted to save your changes, then select Yes. 
9 Press Esc to return to the Internetworking Configuration menu. 


10 If you want these changes to take effect immediately, select Reinitialize System > Yes. 


5.13.2 Reassigning IP Addresses 


Suppose you must change network number 89 to 130.57. If the system does not have multiple 
logical interfaces, you must change all IP addresses on network 89 at the same time or lose 
connectivity to any host that did not have its address changed. 


With multiple logical interfaces, you can assign the new IP addresses gradually. Networks 89 and 
130.57 can coexist on the same network segment until the transition is complete. The router 
interfaces attached to both logical networks, forward packets for each network and route packets 
between the two. 


5.13.3 Adding New Nodes to a Full Subnet 


Suppose you want to add several new nodes to a subnet that has no more available IP addresses. 
Assume that the network has enough free connectors available to physically attach the nodes. 


First, you assign a new subnet number to the cable so that both subnets share the cable. Then, to add 
new nodes, you bind their IP addresses to the new logical subnet. The router whose interface is 
bound to both subnet addresses provides connectivity between the two subnets and to the rest of the 
internetwork. 


5.14 Default IP Address 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure TCP/IP. 


The TCP/IP Protocol Configuration window displays. 
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Figure 5-13 TCP/IP Protocol Configuration Window 


A TCP/IP Protocol Configuration : TCPIP-HOST1 - Microsoft Internet Explorer 
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IP Packet Forwarding : [Disabled y] 
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OSPF Configuration: View / Modify | 
LAN Static Routing: [Enabled] 


LAN Static Routing Table: View / Modify | 
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172.16.1.1 
Outbound VIPA Support: 192.158.1.1 
172.156.1.2 
10.111 
Forward Source Route Packets: Disabled 


Directed Broadcast Forwarding: 


Load Balancing and Fault Tolerance: 


Load Balancing: [Disabled El 
Load Balancing Configuration: View / Modify | 
Fault Tolerance: [Enba >] 
Fault Tolerance Configuration: View / Modify | 


Dead Gateway Detection: 


Dead Gateway Detection Status: [Disabled y] 
Dead Gateway Detection Configuration: View / Modify | 


Filtering Options: 


Filter Support: [Disabled y] 
NAT Implicit Filtering: [Enabled +] 
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2 In the Default IP Address field, select one of the primary addresses from the drop-down list as 
the default IP address for the server. 


3 Click Save > Back to return to the TCP/IP Configuration Menu window. 


You can view the applications which are configured to use the default IP address using the IP 
Address Management framework. See the OES 2: Novell IP Address Management for NetWare 
Administration Guide (http://www.novell.com/documentation/oes2/mgmt ip nw/ 
index.html?page-/documentation/oes2/mgmt ip nw/data/ai0fpcs.htmlaiOfpcs). 


5.15 Secondary IP Address 


A secondary IP address can be configured on the same interface that has the primary IP address. 
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When multiple interfaces exist, the secondary address is associated with the interface that is bound 
to an address that is on the same network. If there are more than one interface on the same network, 
then you can select the interface to add the secondary IP address. If the secondary address is not 
valid on any of the networks bound to existing interfaces, the address is rejected and an error 
message is produced. 


You can configure a secondary IP addresses by using Novell Remote Manager or INETCFG. 


+ Section 5.15.1, “Using Novell Remote Manager,” on page 112 
+ Section 5.15.2, “Using INETCFG,” on page 113 


5.15.1 Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
TCP/IP to interface Bindings > an existing binding. 


2 Click the View/Modify button to the right of Secondary IP Address Support. 
Figure 5-14 Secondary IP Address Configuration of board_name Interface Window 


E Binding TCP/IP to a LAN Interface - Microsoft Internet Explorer 






Secondary IP Address Configuration of N100 1 EII Interface 


Secondary IP Address Status [Enabled +] 
Secondary IP Address List on this Interface [Empty List +] dd 


Apply | Back | 





[E] Done ("JĄ [49 Internet Y 





3 Set Secondary IP Address Status to Enabled, then click the Add button to the right of 
Secondary IP Address List on this Interface. 
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Figure 5-15 Secondary IP Address Configuration Window 


3 Binding TCP/IP to an Interface - Microsoft Internet Explorer 


Secondary IP Address Configuration 


Secondary IP Address | | [ | [ [ 
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4 Inthe Secondary IP Address Configuration window, type a secondary IP address. 
5 To add the secondary IP address as a non-ARPable one, set Arpable to No. 


6 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


7 Ifyou want these changes to take effect immediately, click Reinitialize Options. 


5.15.2 Using INETCFG 


1 Load INETCFG, then select Bindings > an existing TCP/IP binding > Secondary IP Address 
Support. 


2 Select Secondary IP Address Status > Enabled. 


3 Select Secondary IP Address List on this Interface, to add, modify, or delete a secondary IP 
address. 


4 To add a Non-Arpable Secondary IP address, set the Arpable to No. 
Press Esc until you are prompted to save your changes, then select Yes. 


6 Ifyou want these changes to take effect immediately, select Reinitialize System > Yes. 


5.16 Virtual IP Address 


You can configure a virtual IP address by using Novell Remote Manager or INETCFG. 


+ Section 5.16.1, “Using Novell Remote Manager,” on page 114 
+ Section 5.16.2, “Configuring Outbound VIPA Support,” on page 116 
+ Section 5.16.3, “Using INETCFG,” on page 116 
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5.16.1 Using Novell Remote Manager 


1 Log in to Novell Remote Manager, then click Configure TCPIP > Start TCP/IP Configuration > 
Configure Boards > Add. 
The Select a Driver window is displayed. 
2 Click the VNIC link under Board Name. 
The New Board Configuration [VNIC] window is displayed. 
Figure 5-16 New Board Configuration [VNIC] Window 


Z Configured Boards : TCPIP-IPMGMT - Microsoft Internet Explorer 









New Board Configuration [VNIC] 


Board Name: | 
Comment: | 
Board Status: | Enabled -| 


Driver Info : 





No driver information available 


Save | Back | Reset | z 
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3 Specify a board name, then click Save > Save to save your changes and return to the TCP/IP 
Configuration Menu window. 


4 Click TCP/IP to interface Bindings > Add. 


Figure 5-17 Select a Configured Network Interface Window 













Sli Boards List : TCPIP-IPMGMT - Microsoft Internet Explorer 





Select A Configured Network Interface 
Driver Name Board Name Media Status 
CE100B CE100B_1 Ethernet Enabled 
CE100B CE100B_2 Ethernet Enabled 
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Back 
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5 In the Select a Configured Network Interface window, click the VNIC board name entry under 
Board Name. 
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Figure 5-18 Binding TCP/IP to Virtual Interface Window 


E] Binding TCP/IP to an Interface - Microsoft Internet Explorer 


Binding TCP/IP to Virtual Interface 


Virtual Network Interface: WNIC 
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6 Inthe Binding TCP/IP to Virtual Interface window, type a virtual IP address and a virtual 
subnet mask. 


7 Click the View/Modify button to the right of Secondary IP Address Support. 





Figure 5-19 Secondary IP Address Configuration of VNIC Interface Window 
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8 Inthe Secondary IP Address Configuration of VNIC Interface window, set Secondary IP 
Address Status to Enabled, then click the Add button to the right of Secondary IP Address List 
on this Interface. 


Figure 5-20 Secondary IP Address Configuration Window 
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9 In the Secondary IP Address Configuration window, type a secondary IP address. 


10 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Apply > Save > Back. 


11 If you want these changes to take effect immediately, click Reinitialize Options. 


5.16.2 Configuring Outbound VIPA Support 


You can configure Outbound VIPA Support if you have any Virtual IP Address (VIPA) configured 
and if there are any TCP/UDP client applications, which issue requests to remote servers with 
wildcard source addresses through this interface. With this option enabled, all TCP/UDP client 
request packets will have their source IP address field set to the primary virtual IP address. However, 
enabling this option forces TCP/IP to use the primary virtual IP address as the packet's source IP 
address. 


You can enable Outbound VIPA Support at either the system level or the interface level. 
At System Level 


1 Click Configure TCPIP > Start TCP/IP Configuration > Configure TCP/IP. 
2 In the TCP/IP Protocol Configuration window, set Outbound VIPA Support to Enabled. 


3 To save your changes and return to the TCP/IP Configuration Menu window, click Save > OK. 





NOTE: Enabling this option forces TCP/IP to use the primary virtual IP address as the packet’s 
source IP address. 





At Interface Level 


1 Click Configure TCPIP > Start TCP/IP Configuration > TCP/IP to interface Bindings > an 
existing binding. 

2 Click the View/Modify button to the right of Configure TCP/IP Bind Options, then the View/ 
Modify button to the right of Expert TCP/IP Bind Options. 


3 In the Expert TCP/IP LAN Options of board name with IP Address /P_address window, set 
Outbound VIPA Support to Enabled. 


4 To save your changes and return to the TCP/IP Configuration Menu window, click Apply > 
Save > Back. 





IMPORTANT: When you set this option at the interface level, it is effective only if Outbound VIPA 
Support is enabled in the TCP/IP Protocols Menu window as well. 


5.16.3 Using INETCFG 


1 Load INETCFG, then select Board - Add a Virtual NIC Driver. 
See "Using INETCFG to Configure a Board" on page 51. 

2 Select Bindings - Bind a Virtual IP Address to the Virtual Interface. 
See Section 3.6, “Binding Protocols," on page 56. 

3 Press Esc until you are prompted to save your changes, then select Yes. 


4 If you want these changes to take effect immediately, select Reinitialize System > Yes. 
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5.17 NIC Teaming Solution 


You can configure the NIC teaming solution by first editing the and then using INETCFG. 


+ Section 5.17.1, “Transferring Commands by Using autoexec.ncf,” on page 117 
+ Section 5.17.2, “Configuring Teaming by Using INETCFG,” on page 118 

¢ Section 5.17.3, “Example Configurations,” on page 119 

+ Section 5.17.4, “Fine-Tuning with SET Parameters,” on page 121 

¢ Section 5.17.5, “Using Multiple Post-Bind Commands,” on page 121 


5.17.1 Transferring Commands by Using autoexec.ncf 


Console commands can be executed by using the autoexec.ncf file (or by using any .NCF file if you 
want to run the file separately instead of at boot time). Commands in the file are executed in a 
specified sequence at boot time. 


1 Load physical drivers. 

2 Load the virtual driver. 

3 Bind the virtual driver to physical drivers. 

4 Add the necessary post-bind commands. 

5 Bind IP to the virtual driver with an IP address. 


Using Post-Bind Commands 

Post-bind commands need a special syntax in order to distinguish them from other load commands. 
Teaming drivers act as both protocol and driver. 

As Protocol: Real NICs bind to this protocol. 

As Drivers: They bind to the upper layer (network layer). 


INETCFG, on its first load, prompts you to transfer commands from autoexec.ncf to netinfo.cfg. 
autoexec.ncf contains only load and bind commands. The first command is for loading a protocol 
and the second one is for binding a protocol to a driver. 


When acting as a protocol, the post-bind commands must be enclosed within two # lines. The first # 
line in the autoexec.ncf file should follow this syntax: 


#PostBindCommand-<ProtocolName> 


ProtocolName is the name of the user-specified protocol. Post-bind command is the command line 
that needs to be executed after all bindings. 


An autoexec.ncf file would appear as follows: 
#PostBindCommand-<ProtocolName> 
«post bind commandl> 

<post bind command2> 


<post bind command3> 
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# End of postbind commands 


It is called a post-bind command because in the LB & FT solutions provided by third-party drivers 
such as Compaq, Dell, this command must be executed after all bind commands of the user- 
specified protocol (CPQANS for Compaq, ians for Dell). This special syntax is the only requirement 
for INETCFG to recognize any post-bind command. 


For example, you would enter the following commands in autoexec.ncf if you were using Compaq's 
NIC teaming solution: 


Load cel00b frame=ethernet_ii 


Load cpqnf3 frame=ethernet ii 





Load cpqans frame=ethernet ii 
Bind cpqans cpqnf3 
postbindcommand cpqans 


Load cpqans commit 





End of post bind command 





Load tcpip 


Bind ip cpqans addr-172.16.1.1 


5.17.2 Configuring Teaming by Using INETCFG 


To use INETCFG to set up a team of network boards: 





1 Atthe server console, enter INETCFG. 


You can use INETCFG to enable and configure various protocol stacks and to bind the 
protocols to the network interfaces 


2 (Conditional) Transfer the commands from autoexec.ncf to netinfo.cfg when prompted. 


3 (Conditional) If you choose to delete the netinfo.cfg file or if it has been corrupted, make sure 
you also delete the tcpip.cfg file. 


4 In INETCFG, select Boards and add or verify that the correct LOAD commands exist for each 
network board. For example: 


Load cel00b frame-ethernet ii 
Load cpqnf3 frame-ethernet ii 
Load cpqans frame-ethernet ii 


5 Add a command to load a virtual driver. For example: 





Load cpqans frame-ethernet ii 
6 Bind the virtual driver to each network board in the team. For example: 


Bind cpqans cel00b 





Bind cpqans cpqnf3 
7 Adda beginning post-bind command: 
#postbindcommand cpqans 


8 Add the post-bind command following the syntax LOAD virtual_ driver COMMIT. For 
example: 
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Load cpqans commit 
9 Add the closing post-bind command if applicable. 
10 Enter the command to load the IP protocol: 
Load tcpip 
11 Bind the IP address to the virtual driver. For example: 
Bind ip cpgans addr=172.16.1.1 
12 Verify that you entered the commands correctly. 
If you follow the steps correctly, you see a file with commands similar to the following: 
Load cel00b frame-ethernet ii 


Load cpqnf3 frame-ethernet ii 





Load cpqans frame-ethernet ii 
Bind cpqans cel00b 

Bind cpqans cpqnf3 
postbindcommand cpqans 


Load cpqans commit 





End of post bind command 





Load tcpip 
Bind ip cpgans addr=172.16.1.1 


13 Enable the configuration by selecting Reinitialize System. 


5.17.3 Example Configurations 


The following examples show how INETCFG should be used to configure NIC teaming drivers. 
* "Example 1: Configuring CPQANS to Provide the NIC Teaming Solution" on page 119 
* "Example 2: Add some wording to say what the example does" on page 120 

Example 1: Configuring CPQANS to Provide the NIC Teaming Solution 

The configuration through autoexec.ncf is as follows: 


Load cel00b frame-ethernet ii name-cel00b 1 eii slot=1 


Load ne2000 frame-ethernet ii name-ne2000 1 eii slot-2 








Load cpqans frame-ethernet ii name-alb team mode-alb 

Bind cpqans cel00b 1 eii 

Bind cpqans ne2000 1 eii 

#PostBindCommand cpgans 

Load cpqans commit 

# 

Bind ip cpqans addr=172.16.1.2 mask=255.240.0.0 gate=172.16.1.3 


Commands 1, 2, and 3 should be configured in the boards section. 
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Command 7 must be entered in Protocols > User Specified Protocol. First, insert a protocol name. In 
this example, it is CPQANS. (This name must be the same as the one that will be entered in the 
bindings section later.) Then enter post-bind commands. 


Commands 6 and 8 help in parsing autoexec.ncf to transfer commands to INETCFG. 


Commands 4, 5, and 9 are from the Bindings section. 


Example 2: Add some wording to say what the example does 
Suppose autoexec.ncf contains the following lines: 
Load cel00b frame=ethernet_ii name=cel00b 1 eii slot=1 


Load ne2000 frame=ethernet ii name-ne2000 1 eii slot=2 





Load cpqans frame-ethernet ii name-alb team mode-alb team-1 
Load cpqnf3 frame-ethernet ii name-cpqnf3 1 eii slot-3 


Load n100 frame-ethernet ii name-n100 1 eii slot-4 





Load cpqans frame-ethernet ii name-nft team mode-nft team-2 





Bind cpgans cel00b 1 eii team=1 
Bind cpgans ne2000 1 eii team=1 


Bind cpqans cpqnf3 1 eii team-2 





Bind cpqans n100 1 eii team-2 
PostBindCommand cpqans 
Load cpqans commit team=1 


Load cpqans commit team-2 





This is the end of post bind commands 
Bind ip cpqans addr-172.16.1.2 mask-255.240.0.0 gate-172.16.1.3 


If these lines are not in autoexec.ncf, you can do a similar configuration as follows. (This example is 
similar to the previous one. The only difference is that there are two teams.) 


Commands | to 6 are in the boards section. 


Commands 12 and 13 are in the user-specified protocol section and Steps 11 and 14 help in parsing 
autoexec.ncf. 


Commands 7 to 10 are through bindings. Team=1 or 2 must be entered in the parameters field. 
Command 15 is another binding. 


Whenever a new driver is going to be added and bound to CPQANS, an extra post-bind command, 
“load cpqans recommit", must be added in the user-specified protocol section. 





NOTE: 1oad cpqans commit is a time-sensitive command. Make sure that it is executed before 
binding IP to CPQANS and after all bindings of CPQANS are configured. For example, suppose 
configuration through INETCFG is as follows: 
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1. Load D1 and D2 from boards and load CPQANS. 

2. Enter CPQANS as a protocol and add the proper post-bind commands in the user-specified 
protocol section. 

3. Add bindings for CPQANS as well as TCPIP. 


4. Reinitialize the system 


If, by mistake, the system is reinitialized before Step 3, the configuration might not succeed (even 
though Step 4 has been executed) because load cpqans commit was executed at the wrong time. 


To avoid this situation, you should use two post-bind commands: load cpgans commit team = 
xxx and load cpgans recommit team = xxx for each configured team in the post-bind 
commands section. 





5.17.4 Fine-Tuning with SET Parameters 


These third-party NIC teaming solutions provide some set parameters for fine-tuning the 
configuration. They can also take place in the post-bind commands section. 


5.17.5 Using Multiple Post-Bind Commands 


The load cpgans commit and load cpgans recommit commands should be executed after the 
execution of bindings of NIC teaming drivers to physical drivers and before the execution of 
bindings of IP NIC teaming drivers. All commands of a particular configuration in INETCFG would 
be executed only after a re-initialization. So, as part of the configuration, you should update the 
post-bind commands section according to the configuration. 


For example, the first time three bindings (CPQANS to D1, CPQANS to D2, and IP to CPQANS) 
are configured, the post-bind commands section should contain load cpqans commit. 


If you add another binding (for example CPQANS to D3) to INETCFG after a re-initialization, the 
post-bind commands section should contain load cpqans recommit instead of load cpqans 
commit. You should make this change before doing another re-initialization. Otherwise, an inactive 
configuration may result. 


A similar case is disabling a binding and later re-enabling it. This is because enabling a binding is 
similar to adding a new binding (provided disabling and enabling of the binding contain a re- 
initialization in between). 


To avoid these types of complicated reconfigurations associated with NIC teaming solutions, we 
recommend that you use load cpqans commit team = xxx and load cpqans recommit team 
= xxx for each team you configure. 
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Managing TCP/IP 


This section describes the diagnostic utilities used to manage the Novell® TCP/IP software. These 
utilities enable you to manage, optimize, and troubleshoot the product and its connections. The 
following topics are included: 


+ 


+ 


+ 


+ 


+ 


+ 


+ 


Section 6.1, “Web-Based TCP/IP Monitoring,” on page 123 

Section 6.2, “Using the TCPCON Utility,” on page 128 

Section 7.3, “Procedure for Troubleshooting,” on page 132 

Section 6.3, “Viewing TCP/IP Configuration Information,” on page 128 

Section 6.4, “Determining Whether a Remote TCP/IP Node Is Reachable,” on page 129 
Section 6.5, “Monitoring Error Counters,” on page 129 


Section 6.6, “Monitoring TCP/IP Information,” on page 129 


6.1 Web-Based TCP/IP Monitoring 


In NetWare” 6.5, tcpstats. nim has been introduced to provide access to information through a 
Web browser. This NLM™ is a snap-in to portal.nlm. 


The statistics are the same as those provided by tcpcon.nlm. You can also view debugging 
information for tcp.nlm, tcpip.nlm, and netlib.nlm. 


To use NetWare? Remote Manager to view the tcpstats.nlm information: 


1 Use http://Server_name:8008 to connect from any Web browser to a server running portal.nlm 


2 


and tcpstats.nlm. 
If there is no DNS entry for the server, use the IP address instead of the Server name. 
In the left pane, click Manage Applications > Protocol Information. 


The General Protocol Information page displays. 
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Figure 6-1 General Protocol Information Page 
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3 Click the protocol or NLM that you want to view information for. 
4 Click the IP link under the section. 
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Figure 6-2 Bottom Section of Protocol Statistics Monitoring - IP Page 
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The Protocol Statistics Monitoring - IP Page displays configuration information and statistics 


for the Internet Protocol (IP). 


5 Click Back, then click the TCP link under the Specific Protocol Information section. 
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Figure 6-3 Protocol Statistics Monitoring - TCP Page 
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The Protocol Statistics Monitoring - TCP page displays the configuration information and 
statistics for the Transmission Control Protocol (TCP). 


Similarly, you can also see details of the following protocols: 


+ UDP: User Datagram Protocol (UDP) statistics. 


+ ICMP: Configuration information and statistics for the Internet Control Message Protocol 


(ICMP). 


+ OSPF: Configuration information and statistics for the Open Shortest Path First (OSPF) 


protocol. 


+ EGP: Configuration information and statistics for the Exterior Gateway Protocol (EGP). 
6 Click the TCPIP.NLM link under the Statistics section. 
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Figure 6-4 Protocol Statistics Monitoring - TCPIP.NLM Debug Information Page 
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The Protocol Statistics Monitoring - TCPIP.NLM Debug Information page displays the 
debugging information and statistics for tcpip.nlm. 


Similarly, you can also see details of the following files: 


* TCP.NLM: Debugging information and statistics for tcpip.nlm. 


* BSDSOCK.NLM Debug Information: Debugging information and statistics for 


bsdsock.nlm. 


* NETLIB.NLM Debug Information: Debugging information and statistics for 


netlib.nlm. 


TIP: Each page has online help that gives detailed information about the statistics displayed on 


that page. 
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6.2 Using the TCPCON Utility 


TCPCON is an NLM utility that provides access to statistics and information about the status of 
various components of the TCP/IP protocol suite. TCPCON uses SNMP to access this information 
from any local or remote system on the network. TCPCON operates over TCP/IP and IPX™ 
networks. 


To launch TCPCON, enter LOAD TCPCON at the system console prompt. 


To monitor a remote system in TCPCON, select SNMP Access Configuration, change the Transport 
Protocol option to TCP/IP and set the Host option to the IP address of the remote host you want to 
monitor. Press Esc to exit and save the options. If details from that remote host are displayed, there 
is a bidirectional route available. 


You can use TCPCON to perform the following tasks: 


¢ Monitor activity in the TCP/IP network segments of your internetwork. 


¢ Display configuration information and statistics about the IP, ICMP, UDP, TCP, OSPF, and 
EGP protocols. 


¢ Display the IP routes currently known to a TCP/IP node. 
¢ Display the network interfaces supported by a TCP/IP node. 
+ Access the trap log maintained by SNMPLOG (for the local system only). 


+ Access TCP/IP information in any remote protocol stack supporting the TCP/IP Management 
Information Base (MIB). 





TIP: TCPCON requires SNMP to be loaded on the remote host; otherwise, you receive an error 
message that the host is unavailable. Another cause of the Host Unavailable message might be a 
routing error. To check for errors in the routing table, accept the default value of 127.0.0.1 in the 
Host option under SNMP Access Configuration. Select Routing Table to view the routing 
information table that the routing software has received from routing protocols (RIP and OSPF) or 
static routes. Compare this to the address topology of the network. 





6.3 Viewing TCP/IP Configuration Information 
To see how TCP/IP is configured, load TCPCON and select the following options: 


+ SNMP Access Configuration: View and change SNMP access configuration. 

+ Protocol Information: View and change the run-time configuration of TCP/IP protocols. 
¢ IP Routing: View, change, and create IP routes. 

¢ Statistics: View detailed TCP/IP statistics. 

¢ Interfaces: View information about network interfaces. 


¢ Display Local Traps: View the local system SNMP trap log. 
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6.4 Determining Whether a Remote TCP/IP Node 
Is Reachable 


To determine whether a remote node is reachable, run an Echo test: 


1 Load PING. 
2 Specify the remote node address in the Host Name field. 


3 Specify the number of seconds between each transmission in the Seconds to Pause between 
pings field. 


4 Specify the packet size to be transmitted in the IP Packet Size to send in Bytes field. 


5 Press Esc to begin transmitting. 


If you receive an echo reply packet, the remote node is reachable. 


6.5 Monitoring Error Counters 


Error counters are monitored to make sure they are not increasing rapidly, because a rapid increase 
indicates a problem. For information about troubleshooting these problems, see “Troubleshooting” 
on page 131. 


You can monitor error counters for TCP/IP interfaces in the following ways: 


+ Use MONITOR to view counters such as Checksum Errors, Send and Receive Packet Errors, 
and interface-specific errors. To view these counters, load MONITOR and select LAN/WAN 
information > interface you want to view. 


+ Use TCPCON to view the following TCP/IP counters: 
¢ IP Errors 
+ IP Address Errors 
+ Unknown Protocol Errors 
¢ Local Errors 
+ Reassembly Failures Detected 
+ Fragmentation Failures Detected 
To view these counters, load TCPCON and select Statistics > IP > More IP Statistics. 


6.6 Monitoring TCP/IP Information 


Monitoring TCP/IP information can give you a clear view of the status of your TCP/IP network and 
whether the router is configured properly to run efficiently in the network. This information can also 
be helpful in troubleshooting and optimizing of the network. 


+ Section 6.6.1, “Checking the TCP/IP Routing Table,” on page 129 
¢ Section 6.6.2, “Monitoring the Configured TCP/IP Protocols,” on page 130 


6.6.1 Checking the TCP/IP Routing Table 


To check the TCP/IP routing table and information associated with each route, load TCPCON and 
then select IP Routing Table > Proceed > entry you want to view. 
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The IP Routing Table window shows you all known TCP/IP destination networks and the following 
information about each item: 


+ 


+ 


+ 


+ 


+ 


IP address of the destination 

IP address of the next hop router 
Type of the route (direct, remote) 
Primary cost for the route 


Interface used to reach a route 


The IP Route Information window expands on this by showing information about the mask used, the 
routing protocol through which the destination was learned, and the age of the route. 


6.6.2 Monitoring the Configured TCP/IP Protocols 


You can view, and sometimes change, the configuration of TCP/IP protocols configured for use in 
your router. You can reach this information by loading TCPCON and selecting Protocol 
Information. You can configure and view statistics and other information for the following 
protocols: 


+ 


+ 


+ 


+ 


+ 


+ 


EGP 
ICMP 
IP 
OSPF 
TCP 
UDP 


For additional information about each protocol, press Fl to access online help. 
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Troubleshooting 


This section contains IP troubleshooting information that is divided into three categories: 


+ Section 7.1, “INETCFG,” on page 131 
¢ Section 7.2, “Using TCPCON for Troubleshooting,” on page 131 
+ Section 7.3, “Procedure for Troubleshooting,” on page 132 


+ Section 7.4, “Common Problems,” on page 133 


7.1 INETCFG 


INETCFG (inetcfg.nlm) is an Internetworking Configuration utility for the NetWare server. 
inetcfg.nlm It is a server console utility that provides menus for configuring LAN boards, protocols, 
and bindings. In NetWare 6.5, INETCFG supports the configuration of NIC teaming solutions 
provided by third-party drivers such as Compaq* and Dell*. 


Teaming is logically grouping the NICs so that they appear to the operating system as just one 
network interface. The benefits include gaining extra network bandwidth and not needing to deal 
with multiple NIC addresses. Instead, you can assign a single “virtual” IP address to a team of 
adapters. Teaming is effective in cases where you install two or more NICs in a server. 


Most teaming solutions come with failover protection. Teaming allows your network to tolerate the 
failure of one or more adapters within a group, thus offering high availability. In addition, this kind 
of fault tolerance can be configured to work with complete transparency. The remaining NICs in the 
team continue to work if another card stops working or if a cable is disconnected. 


7.2 Using TCPCON for Troubleshooting 


TCPCON is an NLM™ utility that provides access to statistics and information about the status of 
various components of the TCP/IP protocol suite. It uses SNMP to access this information from any 
local or remote system on the network. TCPCON operates over TCP/IP networks. 


You can use TCPCON to perform the following tasks: 


+ Monitor activity in the TCP/IP network segments of your internetwork. 


¢ Display configuration information and statistics about the IP, ICMP, UDP, TCP, OSPF, and 
EGP protocols 


¢ Display the IP routes currently known to a TCP/IP node. 

¢ Display the network interfaces supported by a TCP/IP node. 

+ Access TCP/IP information in any remote protocol stack supporting the TCP/IP Management 
Information Base (MIB). 


To load TCPCON, enter LOAD TCPCON at the system console prompt. 


Troubleshooting 


131 


7.3 Procedure for Troubleshooting 


To isolate and resolve TCP/IP problems: 
1 To verify that IP is bound to the desired interfaces with the correct addresses and masks for 
your internetwork, to load TCPCON, then select Protocols > IP > IP Addresses. 


Use INETCFG to make any required corrections. (To load INETCFG, enter inetcfg at the 
server prompt.) 


2 To check the routing table for routes to the required network, enter LOAD TCPCON at the system 
console prompt to load TCPCON, select IP Routing Table > Proceed, then press Enter. 


If routes are missing, verify that the required routing protocols have been enabled and bound to 
the correct interfaces in INETCFG. Also verify that the routing protocol in use on an interface 
1s correctly configured on other routers that are accessible through that interface. 


3 To verify that static routing is configured if other third-party routers that do not use RIP or 
OSPF are connected on the network, load INETCFG and then select Protocols > TCP/IP > 
LAN Static Routing. 


4 To verify that the IP Packet Forwarding statistic is set to Enabled, load INETCFG, then select 
Protocols > TCP/IP > IP Packet Forwarding. 


Use INETCFG to make any required corrections, then reinitialize the system. 
5 Use PING or TPING to test connectivity. 


Perform Step 1 through Step 4 on any routers that cannot be reached. Start with the router that 
1s closest to the local node. 


6 Verify that all client software has the Default Router parameter configured to match the IP 
address of the network board inside the router that is connected to the local segment. 


7 Load TCPCON for the following IP statistics: 
¢ Local errors (memory error) 
¢ IP errors (unexpected protocol errors) 


Check the configuration of other IP nodes on the network. Reduce IP traffic or use a 
network analyzer to identify the source of invalid packets. 


¢ IP address errors (misdirected packets) 


Check the Address Translation tables on other IP nodes to determine the source of the 
errors. 


+ Unknown protocol errors (unsupported IP clients) 
Load the required applications. 
+ No route found (router failure) 
Check the configuration of the routing protocols. 
8 Load TCPCON for the following ICMP statistics: 
¢ Destination unreachable (network failure) 


Use a network analyzer to determine the unreachable destination. Check that the routers 
on the path to the destination advertise the route. 


+ Time exceeded (network failure) 


Reduce the excessive delays by reducing the size of the internetwork or increasing the 
speed of WAN links. 
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¢ Redirects (router failure) 


Check that all routers on the network are properly configured and are advertising routes. 
Verify that the correct Default Router is configured on the clients. 


9 To verify that all configuration options are set correctly, load INETCFG and then select View 
Configuration. 


7.4 Common Problems 


This section discusses the following common problems and their potential solutions: 


+ Section 7.4.1, “LAN Connectivity Problems,” on page 133 

+ Section 7.4.2, “Router Cannot Ping a Remote Router or the Internet,” on page 134 

+ Section 7.4.3, “Routing Table Maintenance Problems,” on page 135 

+ Section 7.4.4, “IP Address Duplication across Machines,” on page 136 

+ Section 7.4.5, “Server Not Responding under Heavy Stress Conditions,” on page 136 


+ Section 7.4.6, “Load Not Balanced across NICs although LB Is Enabled in INETCFG,” on 
page 136 


+ Section 7.4.7, “Network Traffic Is Not Balanced across NICs,” on page 136 
+ Section 7.4.8, “You Lose INETCFG Configuration Information upon Rebooting,” on page 137 
+ Section 7.4.9, “You Lose the Secondary IP Address upon Deleting Any Binding,” on page 137 


7.4.1 LAN Connectivity Problems 


+ The router does not forward IP packets 


Verify that the IP Packet Forwarding statistic is set to Router Enabled in TCPCON (Protocols > 
IP). If routing is not enabled, enable IP Packet Forwarding under Protocols in INETCFG and 
then issue the REINITIALIZE SYSTEM command. 

















+ A TCP/IP host cannot reach the router on the local network 


¢ Verify that the network portion of the IP address and the subnet mask are the same on the 
router and the host. 


+ Verify that the router and host use the same frame type. 


+ Use PING from the router to verify connectivity to the TCP/IP host and verify that the IP 
Address Translation table has an entry for the host. 


If there is no entry, use MONITOR to check the status of the LAN driver. 


+ Use PING from the router to verify connectivity to the TCP/IP host and check for Echo 
Requests in TCPCON (Statistics > ICMP). 


If the value of the Echo Requests statistic is not incrementing, check the IP statistics for 
errors and perform Step 7 in Section 7.3, "Procedure for Troubleshooting,” on page 132. 


+ Use PING from the router to verify connectivity to the TCP/IP host and check for Echo 
Replies in TCPCON (Statistics > ICMP). 


If the value of the Echo Replies statistic is not incrementing, verify that IP is bound to the 
host's interface with the correct address and mask. Also, verify that the interface driver is 
loaded with the correct frame type. If necessary, check the IP statistics for errors and 
perform Step 7 in Section 7.3, “Procedure for Troubleshooting,” on page 132. 
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+ A TCP/IP host cannot reach a remote host 
¢ Verify that the IP address and mask are correct. 
¢ Verify that the local TCP/IP host has the local router listed as the default router. 


¢ Verify that each router has a routing protocol enabled and that it has not been disabled on 
the interface. 


¢ Starting at the local router, verify that each router has a route to the remote host's network. 


¢ Verify that there are no filters capable of blocking IP traffic configured on any routers 
along the path. 


¢ Verify that the remote host has a route to the local host’s network. 


+ Using PING, verify that the remote host can reach each router on the path to the local TCP/ 
IP host. 


¢ Starting at the router closest to the remote host, verify that each router has a route to the 
local TCP/IP host’s network. 


¢ The router cannot initiate IP traffic to a remote router through a LAN interface 
¢ Verify that IP is bound to the right interface with the correct address and mask. 
+ Check whether the interface driver is loaded with the correct frame type. 


+ Check whether a route exists to the network on which the destination router resides. This 
can be done through the IP Routing Table window of TCPCON. If the destination router is 
accessible, also verify that it has a route to the source router's network. 


+ A TCP/IP host cannot reach another host when fault tolerance is disabled and the NIC that was 
handling the data transfer has gone down 


+ Make sure the NIC is grouped for load balancing and fault tolerance. 


+ Make sure that fault tolerance is enabled for the group. 
To verify that NIC is grouped: 


1 Load INETCFG, then select Bindings > TCP/IP > Configure TCP/IP Bind Option. 
2 Make sure that the Group interface for LBFT is set to Yes. 


To check that fault tolerance is enabled: 


1 Load INETCFG and select Protocols > TCP/IP. 
2 Inthe screen that appears, make sure that fault tolerance is enabled. 


This could be for the complete system. You still need to verify whether fault tolerance is 
enabled for the particular Net Group. 


3 Select Fault Tolerance Configuration > Configure Individual Group. 


Select the particular Net Group, then check whether fault tolerance is enabled for it; if it is not, 
set it to Yes. 


7.4.2 Router Cannot Ping a Remote Router or the Internet 


1 Load INETCFG, then select Bindings > TCP/IP. 
2 Select the Interface Group for your WAN card. 
3 Select WAN Call Destination, press Insert, then select the WAN card. 
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4 Select Static Routing Table, then press Insert. 


The Static Routing entry sets up the default route that points to the Internet Service Provider 


(ISP). 


5 Select Route to Network or Host > Default Route. 


6 Press Esc to save your changes and exit the menus. 


7 For the changes to take effect, reinitialize the system. 


7.4.3 Routing Table Maintenance Problems 


+ Routes are not exchanged on a LAN: 


+ 


+ 


+ 


+ 


Use INETCFG to verify that the IP Packet Forwarding option is enabled. 

Use INETCFG to verify that a routing protocol has been enabled. 

Use INETCFG to verify that the routing protocol has not been disabled on an interface. 
Use TCPCON to examine the routing table and determine which routes are missing. 
Check TCPCON for IP errors. 

Check TCPCON for ICMP errors. 


If you are using RIP, use INETCFG under Bindings, verify that the RIP Mode option is 
not set to Send Only or Receive Only. 


If the RIP Version option is set to RIPII, verify that the other routers also support RIP II. 


Verify that no route filters are configured that would block route information packets for 
that interface. 


If you are using OSPF, verify that the following conditions have been met: 
+ Routers in the area have the same Authentication Type configured. 


+ All routers on the same network have the same Authentication Password configured 


for the interface to the network. 


All routers on the same network have the same Hello Intervals configured for the 
interface to the network. 


The state of each neighbor is either two-way or full in TCPCON (select Protocol 
Information > OSPF > Neighbors). If it is not, one of the two conditions described 
next will occur. Refer to the next two paragraphs for an explanation of the corrective 
actions required. 


In TCPCON, there is a router link state advertisement for each router in your area 
(select Protocol Information > OSPF > Link State Advertisements). If these 
advertisements are not present, verify that the missing router is active and the correct 
area ID is configured for the network interface. 


In TCPCON, the number of link state advertisements, Area Boundary Routers, and 
Autonomous System Boundary Routers are the same for each router in your area 
(select Protocol Information > OSPF > Areas). 

Verify that the problem routers are active. Bring down any router whose routing 
database is not synchronized with the databases of its routing neighbors. If the 
problem persists, reduce the size of your network or add more memory to the router. 


¢ Routes are not exchanged on a LAN 


Verify that the broadcast address is correct. 
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+ RIP routes are not accessible to hosts on OSPF networks 


+ Check the status of the Autonomous System Boundary Router statistic in TCPCON (select 
Protocol Information > OSPF). 


¢ Verify that no filters are configured that would block access to the network. 


7.4.4 IP Address Duplication across Machines 


+ When you are trying to bind an IP address, if you get an error message stating a conflict for the 
IP address, set the allow ip address duplicates command to off under SET parameters. 


7.4.5 Server Not Responding under Heavy Stress Conditions 


Increase the following using the SET command options: 


+ Maximum Packet Receive Buffers (page 64) 
+ Minimum Packet Receive Buffers (page 65) 
+ TCP IP Maximum Small ECBs (page 70) 


7.4.6 Load Not Balanced across NICs although LB Is Enabled 
in INETCFG 


Load balancing might have been enabled only for the system and not for the particular group. Check 
whether you have grouped multiple NICs and enabled load balancing for them. 


To check that load balancing is enabled at the group level: 


1 Load INETCFG, then select Protocols > TCP/IP. 


In the screen that appears, load balancing should enabled. This is for the complete system. You 
still need to verify whether load balancing is enabled for the particular Net Group. 


2 Select Load Balancing Configuration > Configure Individual Group. 


3 Select the particular Net Group and check whether load balancing is enabled for it. If it is not, 
set it to Yes. 


7.4.7 Network Traffic Is Not Balanced across NICs 


¢ Ifthe application is binding to the local host (0.0.0.0), the data is always sent through the 
Primary interface. The Primary interface should be inside the LBFT group for the load to be 
evenly balanced. 


Check whether the interface designated as Primary is within the group or not. If not, either 
group the Primary interface or make one of the group members Primary. 


¢ Ifthe application is not bound to the local host, then the data is always sent through the host 
where the application is bound. To load balance in this case, make sure that this host is inside 
the LBFT Group. 


To check whether a particular binding is part of the LBFT Group: 
1 Load INETCFG, then select Bindings > TCP/IP. 
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2 In the screen that appears, select the Configure TCP/IP Bind option. 
3 Make sure that the group interface for LBFT is set to Yes. 


7.4.8 You Lose INETCFG Configuration Information upon 
Rebooting 


This could happen if the server abended while being configured. This corrupts the 
sys:\etc\tcpic.cfg file. Delete this file and copy a backup of the previous configuration. 


7.4.9 You Lose the Secondary IP Address upon Deleting Any 
Binding 


This could happen if more than one interface is using the same driver. If this is the case, never delete 
any of the bindings. Always disable them if you don't want to use them. 
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Planning Your Advanced 
Configuration 


How you configure TCP/IP (Find more on Chapter 2, “Advanced TCP/IP,” on page 33) beyond the 
most basic configuration depends on the following decisions: 


+ Whether a multiprocessor server can use this version of TCP/IP 


The TCP/IP stack distributes the connection across all processors uniformly, resulting in packet 
processing on different processors in parallel. The TCP/IP stack has been multiprocessor (MP) 
enabled for processing TCP and UDP packets. 


+ Whether to use the computer as a router or an end node (that is, a host) 


The IP Packet Forwarding parameter, which controls IP packet routing, is disabled by default. 
This parameter permits your computer to operate as an IP router. When you want your 
computer to operate as an end node only, disable this parameter. 


+ Whether to use Routing Information Protocol (RIP), Open Shortest Path First (OSPF), or 
a mixed RIP-OSPF environment 


RIP and OSPF are IP routing protocols. If you already have IP routers in your network 
environment, use the same routing protocol they use. If your network currently has no other 
routers, use OSPF. 


To configure your router as a RIP router, see Section 5.1, “RIP,” on page 73. 

To configure your router as an OSPF router, see Section 5.2, “OSPF,” on page 79. 

To configure a mixed RIP-OSPF environment, refer to both of the preceding procedures. 
+ Whether to use static routes on a router 


Static routes are useful for reducing routing traffic, providing security, accessing isolated 
networks, and operating as backup routes on routers. Static routes are required for on-demand 
connections. 


To configure static routes on a router, see Section 5.3, “Static Routes for LANs,” on page 88. 
+ Whether to filter routes or various TCP/IP packets 
Enable filters when you want to do either of the following: 
+ Control access to any services, such as File Transfer Protocol (FTP), on your network. 
+ Reduce the bandwidth consumed by routing traffic. 


To configure TCP/IP filters, you must enable the Filtering Support parameter in INETCFG and 
then load the Filter Configuration utility (FILTCFG). 


+ Whether to configure router discovery 


Router discovery enables end nodes to find an IP router on their network. If your computer is 
operating as a router, it can advertise itself periodically as a router. If your computer is 
operating as an end node, it can send queries to locate a router. 


To configure router discovery, see Section 5.6, “Router Discovery,” on page 98. 
+ Whether to disable Address Resolution Protocol (ARP) or enable Proxy ARP 
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ARP is a LAN protocol that maps Internet addresses to physical addresses. IP routers and end 
nodes use ARP to determine a destination node's physical address. 


An IP router using Proxy ARP replies to ARP requests it receives through an interface on 
behalf of an end node on a network attached to another interface. 


To change the default settings of ARP and Proxy ARP features, see Section 5.8, “ARP,” on 
page 102. 


+ Whether to enable the router to forward directed broadcasts 


A directed broadcast is a broadcast intended only for a subnet rather than all nodes on the 
network. 


To enable directed broadcast forwarding, see Section 5.9, “Directed Broadcast Forwarding,” on 
page 105. 


+ Whether to configure the router or end node as a BOOTP forwarder 


The BOOTP protocol enables end nodes to obtain an IP address at startup time. If there is a 
BOOTP or Dynamic Host Configuration Protocol (DHCP) server on your internetwork, any IP 
routers that are configured to act as a BOOTP forwarder accept and forward BOOTP or DHCP 
requests to the server. The BOOTP or DHCP server then assigns an IP address to the end 
station. 


To configure BOOTP forwarding, see Section 5.11, *BOOTP Forwarding," on page 107. 
* Whether to configure multiple logical interfaces on a single board 


Using multiple logical interfaces enables you to bind more than one IP network to a LAN 
board. Each binding operates as a separate logical interface. 


To configure multiple logical interfaces on a board, see Section 5.13, “Multiple Logical 
Interfaces," on page 108. 


* Whether to use multihoming 


Multihoming enables an interface to be bound to multiple IP addresses on the same network. 
Multihoming can be used for all IP networks bound to a router, whether the networks are bound 
to on the same interface or different interfaces. 


The most common use of multiple addresses on the same network is to enable a Web server to 
operate as though it is several Web servers. In this application, each secondary IP address is 
used by a different virtual host on the same Web server. The Domain Name System (DNS) can 
be used to access these virtual hosts using unique hostnames. 


Multihoming is also commonly used with network address translation (NAT), the proxy server, 
and the virtual private network (VPN). 


To configure multihoming, see Section 5.15, “Secondary IP Address,” on page 111. 


140 NW 6.5 SP8: TCP/ IP Administration Guide 


Configuring TCP/IP Database Files 


TCP/IP uses four database files in the sys:\etc\ directory to convert internal data, such as IP 
addresses, into more identifiable and workable names. 

+ The sys:\etc.hosts file maps hostnames to IP addresses 

+ The sys:\etc.networks maps network names to network addresses 

+ The sys:\etc.protocol maps protocol names to IP protocol numbers 

+ The sys:\etc.services maps service names to TCP and UDP ports 
The user interface for TCPCON and other NLM™ files uses these database files. To inform TCP/IP 
of names and addresses of local nodes and networks, you must add that information to these files. 
The files are cached in memory so that disk access is avoided during lookup. Because of this, TCP/ 


IP takes up more memory. If this is not desirable, keep the size of the database small or simply delete 
the files. 


These files are described in the sections following this discussion. 


+ Section B.1, “Hosts File,” on page 141 
+ Section B.2, “Networks File,” on page 142 
¢ Section B.3, “Protocol File,” on page 143 


+ Section B.4, “Services File,” on page 144 


If you are configuring TCP/IP for the first time, we recommend that you start by copying the sample 
database files from sys:\etc\\samples to sys:\etc\. This provides you with some examples to refer to 
as you add your own entries, and also provides TCP/IP with the PROTOCOL and SERVICES files. 


You can modify these files with a standard text editor from any NetWare® client, or you can use 
edit.nlm from the NetWare system console. The following sections describe the formats of the files, 
which are compatible with the same files on standard 4.3BSD UNIX systems. The examples in the 
sample files can also help you create your own entries. 


The files have the same names and format as the files on UnixWare* systems and other UNIX 
systems. You can use FTP to transfer the files from a UNIX host. 


Each database file describes a table. Each line of the file describes a separate table entry. Blank lines 
and comments are ignored. Comments begin with a pound sign (#) anywhere in a line and include 
the pound sign and any characters following it on the same line. 





IMPORTANT: Do not use the sample addresses provided in the database files if you are connected 
to the Internet; these addresses are for example only. 





B.1 Hosts File 


The sys:\etc\hosts file contains information about the known hosts on the IP internetwork. Typically, 
it is centrally administered and distributed to all local hosts. Its format, as shown in Figure B-1, is 
identical to /etc/hosts on UNIX systems. Each entry provides information about a single host. An 
entry cannot extend beyond one line. 
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Figure B-1 Sample Hosts File 


$ 

# Mappings of host names and host aliases to IP addresses 
# 

127.0.0.1 loopback 1b localhost # loopback address 
# 

# examples from a fictitious network 

# 

129.47.4.2 ta tahiti ta.some.com loghost 


129.47.6.40 osd-frog frog 
129.47.6.144 sj-in5 ins 
192.67.172.71  sj-inl int 


The hosts file entry has the following format: 
IP_address host_name [alias [...]] 


The /P address is a 4-byte address in standard dotted decimal notation. Each byte is a decimal, 
hexadecimal, or octal value and is separated by a period. Hexadecimal numbers must start with the 
character pair 0x or 0X; octal numbers must start with 0. 


The host_name is the name of the system associated with this IP address. The name cannot contain a 
space, tab, pound sign (#), or end-of-line character. Each hostname must be unique. 


The alias is another name for the same system. Typically, this is a shorter name. A single host can 
have from 1 to 10 aliases. For example, the host sales could have the following address and aliases: 


129.0.9.5 sales sa saleshost 


The sample file sys:\etc\samples\hosts is included with the TCP/IP software. When you are 
configuring TCP/IP for the first time, copy the sample hosts file from sys:\etc\samples to sys:\etc. 
You then edit the sys:\etc\hosts file. You can change your configuration at any time by editing your 
existing sys:\etc\hosts file. 


B.2 Networks File 


The sys:\etc\networks file contains information about the networks in your internetwork. Each entry 
provides information about one network. An entry cannot extend beyond one line. Figure B-2 shows 
a sample networks file. 


Figure B-2 Sample Networks File 


# 

# Network numbers 

+ 

loopback 127 # fictitious internal loopback network 
somenet 129.47 # fictitious network number 

# 

# Internet networks 

# 

arpane 10 arpa # historical network 

milnet 26 # military network 
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The networks file entry has the following format: 
network name network number [/network mask] [alias [...]] 


The network_name is the name of the network associated with this network number. The name 
cannot contain a space, tab, pound sign (4), or end-of-line character. The network name must be 
unique. 


The network_number is the number of the network. Hexadecimal numbers must start with the 
character pair Ox or 0X. The network number can be specified with or without trailing zeros. For 
example, the addresses 130.57 and 130.57.0.0 denote the same IP network. 


The network_mask is the subnet mask of the network. Like IP addresses, it can be specified in octal, 
decimal, or hexadecimal notation. This field is optional. If not specified, the subnet mask is deduced 
from existing routing table entries. 


The alias is another name for the same network; you can specify up to 10 aliases for a network. 


The sample file sys:\etc\samples\networks is included with the TCP/IP software. When you are 
configuring TCP/IP for the first time, copy the sample networks file from sys:\etc\samples to 
sys:\etc. Then edit the sys:\etc\networks file. You can change your configuration at any time by 
editing your existing sys:\etc\networks file. 


B.3 Protocol File 


The sys:\etc\protocol file, as shown in Figure B-3, contains information about the known protocols 
used on the internetwork. Each line provides information about one protocol. An entry cannot 
extend beyond one line. 





NOTE: The protocol file is called protocols on UNIX systems. The name is shortened to protocol 
here because of the DOS eight-character limit. 





Figure B-3 Sample Protocol File 


# 

# Internet (IP) protocols 

$ 

ip 0 IP internet protocol, pseudo protocol number 
icmp 1 ICMP internet control message protocol 

igmp 2 IGMP internet group multicast protocol 

ggp 3 


tcp 6 TCP 
pup 12PUP 
udp 1 7UDP 


transmission control protocol 
PARC universal packet protocol 


# 
# 
# 
GGP + gateway-gateway protocol 
# 
# 
# user datagram protocol 


The protocol file entry has the following format: 
protocol name protocol number [alias [...]] 


The protocol_name is the name of the Internet protocol associated with this protocol number. The 
name cannot contain a space, tab, pound sign (#), or end-of-line character. 


The protocol_number is the number of the Internet protocol. 
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The alias is an alternate name for the protocol. 


The sample file sys:\etc\samples\protocol is included with the TCP/IP software. When you are 
configuring TCP/IP for the first time, copy the sample protocol file from sys:\etc\samples to sys:\etc. 
You can then edit the sys:\etc\protocol file. You can change your configuration at any time by 
editing your existing sys:\etc\protocol file. 


B.4 Services File 


The sys:\etc\services file, as shown in Figure B-4, contains information about the known services 
used on the IP internetwork. Each entry provides information about one service. An entry cannot 
extend beyond one line. 


Figure B-4 Sample Services File 


$ 

# Network services 

# 

echo ?/udp 

echo ?/tcp 

discard  9/udp sink null 
discard 9/tcp sink null 
tftp 63/udp 

login 513/tcp 

shell 514/tep cmd 


The services file entry has the following format: 
service name port number /protocol name [alias [...]] 


The service name is the name of the service associated with this port number and protocol name. 
The name cannot contain a space, tab, pound sign (4), or end-of-line character. These are generally 
Application-layer, Presentation-layer, or Session-layer services, such as TFTP, FTP, SMTP, and 
TELNET. 


The port_number is the number of the Internet port used by the service. 


The protocol_name is the protocol with which the service is associated. This is generally a 
Transport-layer or Network-layer protocol, such as TCP or UDP. You must put a slash between the 
port number and the protocol name (for example, SMTP 25/TCP MAIL). 


The alias is an alternate name for the service. 


The sample file sys:\etc\samples\services is included with the TCP/IP software. When you are 
configuring TCP/IP for the first time, you should copy the sample services file from 
sys:\etc\samples to sys:\etc. You can then edit the sys:\etc\services file. You can change your 
configuration at any time by editing your existing sys:\etc\services file. 
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Documentation Updates 


* Section C.1, “November 9, 2009,” on page 145 
+ Section C.2, “December 2008,” on page 145 

+ Section C.3, “October 2008," on page 145 

+ Section C.4, “March 20 2008,” on page 145 

+ Section C.5, “April 28, 2008,” on page 145 


C.1 November 9, 2009 


This guide has been modified for publication on the NetWare 6.5 SP8 Documentation Web site. 


C.2 December 2008 


+ Updated the front file with date. 


C.3 October 2008 


+ Updated the front file with the latest date and release version. 


C.4 March 20 2008 


+ Updated the cross-reference for Novell® Netware® IPv4 Administration Guide for OES. 
+ Updated the preface with a section for Audience. 

+ Updated the guide with common edits and structure. 

+ Updated the book to the December 11, 2007 template. 


C.5 April 28, 2008 


+ Updated the book to the April 24, 2008 template. 
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